docker.io/langgenius/dify-web:1.15.0 linux/arm64

docker.io/langgenius/dify-web:1.15.0 - Trivy安全扫描结果 扫描时间: 2026-06-26 08:39 温馨提示: 这是一个 linux/arm64 系统架构镜像
全部漏洞信息
低危漏洞:21 中危漏洞:21 高危漏洞:36 严重漏洞:2

系统OS: alpine 3.23.3 扫描引擎: Trivy 扫描时间: 2026-06-26 08:39

docker.io/langgenius/dify-web:1.15.0 (alpine 3.23.3) (alpine)
低危漏洞:20 中危漏洞:15 高危漏洞:13 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libcrypto3 CVE-2026-31789 严重 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
libssl3 CVE-2026-31789 严重 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
libcrypto3 CVE-2026-28388 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libcrypto3 CVE-2026-28389 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libcrypto3 CVE-2026-28390 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libcrypto3 CVE-2026-45447 高危 3.5.5-r0 3.5.7-r0 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
libcrypto3 CVE-2026-28387 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libssl3 CVE-2026-28387 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libssl3 CVE-2026-28388 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libssl3 CVE-2026-28389 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libssl3 CVE-2026-28390 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libssl3 CVE-2026-45447 高危 3.5.5-r0 3.5.7-r0 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
musl CVE-2026-40200 高危 1.2.5-r21 1.2.5-r23 musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-10 17:17 修改: 2026-06-17 10:44
musl-utils CVE-2026-40200 高危 1.2.5-r21 1.2.5-r23 musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-10 17:17 修改: 2026-06-17 10:44
zlib CVE-2026-22184 高危 1.3.1-r2 1.3.2-r0 zlib: zlib: Arbitrary code execution via buffer overflow in untgz utility

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22184

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-01-07 21:16 修改: 2026-06-17 10:19
libcrypto3 CVE-2026-34183 中危 3.5.5-r0 3.5.7-r0 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libcrypto3 CVE-2026-42764 中危 3.5.5-r0 3.5.7-r0 openssl: NULL pointer dereference in QUIC server initial packet handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libcrypto3 CVE-2026-45445 中危 3.5.5-r0 3.5.7-r0 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
libssl3 CVE-2026-2673 中危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31
libssl3 CVE-2026-31790 中危 3.5.5-r0 3.5.6-r0 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
libssl3 CVE-2026-34182 中危 3.5.5-r0 3.5.7-r0 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libssl3 CVE-2026-34183 中危 3.5.5-r0 3.5.7-r0 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libssl3 CVE-2026-42764 中危 3.5.5-r0 3.5.7-r0 openssl: NULL pointer dereference in QUIC server initial packet handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3 CVE-2026-45445 中危 3.5.5-r0 3.5.7-r0 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
libcrypto3 CVE-2026-2673 中危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31
musl CVE-2026-6042 中危 1.2.5-r21 1.2.5-r22 musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-10 09:16 修改: 2026-06-17 11:00
libcrypto3 CVE-2026-31790 中危 3.5.5-r0 3.5.6-r0 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
musl-utils CVE-2026-6042 中危 1.2.5-r21 1.2.5-r22 musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-10 09:16 修改: 2026-06-17 11:00
libcrypto3 CVE-2026-34182 中危 3.5.5-r0 3.5.7-r0 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
zlib CVE-2026-27171 中危 1.3.1-r2 1.3.2-r0 zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26
libcrypto3 CVE-2026-7383 低危 3.5.5-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
libcrypto3 CVE-2026-9076 低危 3.5.5-r0 3.5.7-r0 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
libcrypto3 CVE-2026-34180 低危 3.5.5-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libcrypto3 CVE-2026-34181 低危 3.5.5-r0 3.5.7-r0 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libssl3 CVE-2026-34180 低危 3.5.5-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libssl3 CVE-2026-34181 低危 3.5.5-r0 3.5.7-r0 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libssl3 CVE-2026-42766 低危 3.5.5-r0 3.5.7-r0 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3 CVE-2026-42767 低危 3.5.5-r0 3.5.7-r0 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3 CVE-2026-42768 低危 3.5.5-r0 3.5.7-r0 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3 CVE-2026-42769 低危 3.5.5-r0 3.5.7-r0 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3 CVE-2026-42770 低危 3.5.5-r0 3.5.7-r0 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3 CVE-2026-45446 低危 3.5.5-r0 3.5.7-r0 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
libssl3 CVE-2026-7383 低危 3.5.5-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
libssl3 CVE-2026-9076 低危 3.5.5-r0 3.5.7-r0 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
libcrypto3 CVE-2026-42766 低危 3.5.5-r0 3.5.7-r0 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libcrypto3 CVE-2026-42767 低危 3.5.5-r0 3.5.7-r0 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libcrypto3 CVE-2026-42768 低危 3.5.5-r0 3.5.7-r0 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libcrypto3 CVE-2026-42769 低危 3.5.5-r0 3.5.7-r0 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libcrypto3 CVE-2026-42770 低危 3.5.5-r0 3.5.7-r0 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libcrypto3 CVE-2026-45446 低危 3.5.5-r0 3.5.7-r0 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
Node.js (node-pkg)
低危漏洞:1 中危漏洞:6 高危漏洞:23 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
glob CVE-2025-64756 高危 10.4.5 11.1.0, 10.5.0 glob: glob: Command Injection Vulnerability via Malicious Filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64756

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2025-11-17 18:15 修改: 2026-06-17 09:55
minimatch CVE-2026-26996 高危 9.0.5 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-02-20 03:16 修改: 2026-06-17 10:26
minimatch CVE-2026-27903 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-02-26 02:16 修改: 2026-06-17 10:27
minimatch CVE-2026-27904 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-02-26 02:16 修改: 2026-06-17 10:27
picomatch CVE-2026-33671 高危 4.0.2 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33671

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-03-26 22:16 修改: 2026-06-17 10:37
tar CVE-2026-23745 高危 6.2.1 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-01-16 22:16 修改: 2026-06-17 10:22
tar CVE-2026-23950 高危 6.2.1 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-01-20 01:15 修改: 2026-06-17 10:22
tar CVE-2026-24842 高危 6.2.1 7.5.7 node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-01-28 01:16 修改: 2026-06-17 10:23
tar CVE-2026-26960 高危 6.2.1 7.5.8 node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-02-20 02:16 修改: 2026-06-17 10:26
tar CVE-2026-29786 高危 6.2.1 7.5.10 node-tar: hardlink path traversal via drive-relative linkpath

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-03-07 16:15 修改: 2026-06-17 10:29
tar CVE-2026-31802 高危 6.2.1 7.5.11 tar: tar: File overwrite via drive-relative symlink traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-03-10 07:44 修改: 2026-06-17 10:34
tar CVE-2026-23745 高危 7.4.3 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-01-16 22:16 修改: 2026-06-17 10:22
tar CVE-2026-23745 高危 7.4.3 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-01-16 22:16 修改: 2026-06-17 10:22
tar CVE-2026-23950 高危 7.4.3 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-01-20 01:15 修改: 2026-06-17 10:22
tar CVE-2026-23950 高危 7.4.3 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-01-20 01:15 修改: 2026-06-17 10:22
tar CVE-2026-24842 高危 7.4.3 7.5.7 node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-01-28 01:16 修改: 2026-06-17 10:23
tar CVE-2026-24842 高危 7.4.3 7.5.7 node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-01-28 01:16 修改: 2026-06-17 10:23
tar CVE-2026-26960 高危 7.4.3 7.5.8 node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-02-20 02:16 修改: 2026-06-17 10:26
tar CVE-2026-26960 高危 7.4.3 7.5.8 node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-02-20 02:16 修改: 2026-06-17 10:26
tar CVE-2026-29786 高危 7.4.3 7.5.10 node-tar: hardlink path traversal via drive-relative linkpath

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-03-07 16:15 修改: 2026-06-17 10:29
tar CVE-2026-29786 高危 7.4.3 7.5.10 node-tar: hardlink path traversal via drive-relative linkpath

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-03-07 16:15 修改: 2026-06-17 10:29
tar CVE-2026-31802 高危 7.4.3 7.5.11 tar: tar: File overwrite via drive-relative symlink traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-03-10 07:44 修改: 2026-06-17 10:34
tar CVE-2026-31802 高危 7.4.3 7.5.11 tar: tar: File overwrite via drive-relative symlink traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-03-10 07:44 修改: 2026-06-17 10:34
brace-expansion CVE-2026-33750 中危 2.0.2 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-03-27 15:16 修改: 2026-06-17 10:38
ip-address CVE-2026-42338 中危 9.0.5 10.1.1 ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-05-12 20:16 修改: 2026-06-17 10:47
picomatch CVE-2026-33672 中危 4.0.2 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33672

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-03-26 22:16 修改: 2026-06-17 10:37
tar CVE-2026-53655 中危 6.2.1 7.5.16 node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (nod ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-06-22 16:16 修改: 2026-06-23 15:50
tar CVE-2026-53655 中危 7.4.3 7.5.16 node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (nod ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-06-22 16:16 修改: 2026-06-23 15:50
tar CVE-2026-53655 中危 7.4.3 7.5.16 node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (nod ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-06-22 16:16 修改: 2026-06-23 15:50
diff CVE-2026-24001 低危 5.2.0 8.0.3, 5.2.2, 4.0.4, 3.5.1 jsdiff: denial of service vulnerability in parsePatch and applyPatch

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24001

镜像层: sha256:daf355f30b90f2a433315a611932c5281e5dea2a0fb99426b570b408a2f11329

发布日期: 2026-01-22 03:15 修改: 2026-06-17 10:22
/app/targets/vinext/dist/server/index.js ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×