docker.io/library/node:22.2-alpine linux/amd64

docker.io/library/node:22.2-alpine - Trivy安全扫描结果 扫描时间: 2026-06-22 12:23
全部漏洞信息
低危漏洞:29 中危漏洞:23 高危漏洞:32 严重漏洞:2

系统OS: alpine 3.20.0 扫描引擎: Trivy 扫描时间: 2026-06-22 12:23

docker.io/library/node:22.2-alpine (alpine 3.20.0) (alpine)
低危漏洞:27 中危漏洞:20 高危漏洞:21 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libcrypto3 CVE-2026-31789 严重 3.3.0-r2 3.3.7-r0 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-31789 严重 3.3.0-r2 3.3.7-r0 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2024-6119 高危 3.3.0-r2 3.3.2-r0 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2024-09-03 16:15 修改: 2026-05-12 12:17
libcrypto3 CVE-2025-15467 高危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-06-09 10:16
libcrypto3 CVE-2025-69421 高危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28387 高危 3.3.0-r2 3.3.7-r0 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28388 高危 3.3.0-r2 3.3.7-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28389 高危 3.3.0-r2 3.3.7-r0 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28390 高危 3.3.0-r2 3.3.7-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2024-12797 高危 3.3.0-r2 3.3.3-r0 openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12797

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-02-11 16:15 修改: 2026-04-15 00:35
libssl3 CVE-2024-12797 高危 3.3.0-r2 3.3.3-r0 openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12797

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-02-11 16:15 修改: 2026-04-15 00:35
libssl3 CVE-2024-6119 高危 3.3.0-r2 3.3.2-r0 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2024-09-03 16:15 修改: 2026-05-12 12:17
libssl3 CVE-2025-15467 高危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-06-09 10:16
libssl3 CVE-2025-69421 高危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28387 高危 3.3.0-r2 3.3.7-r0 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28388 高危 3.3.0-r2 3.3.7-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28389 高危 3.3.0-r2 3.3.7-r0 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28390 高危 3.3.0-r2 3.3.7-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
musl CVE-2025-26519 高危 1.2.5-r0 1.2.5-r1 musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26519

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-02-14 04:15 修改: 2025-12-10 20:03
musl CVE-2026-40200 高危 1.2.5-r0 1.2.5-r3 musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-10 17:17 修改: 2026-04-27 19:18
musl-utils CVE-2025-26519 高危 1.2.5-r0 1.2.5-r1 musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26519

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-02-14 04:15 修改: 2025-12-10 20:03
musl-utils CVE-2026-40200 高危 1.2.5-r0 1.2.5-r3 musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-10 17:17 修改: 2026-04-27 19:18
zlib CVE-2026-22184 高危 1.3.1-r1 1.3.2-r0 zlib: zlib: Arbitrary code execution via buffer overflow in untgz utility

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22184

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-07 21:16 修改: 2026-03-18 16:26
busybox CVE-2023-42365 中危 1.36.1-r28 1.36.1-r29 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2023-11-27 23:15 修改: 2025-11-03 21:16
busybox CVE-2024-58251 中危 1.36.1-r28 1.36.1-r31 In netstat in BusyBox through 1.37.0, local users can launch of networ ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-04-23 18:16 修改: 2026-04-15 00:35
libcrypto3 CVE-2025-69419 中危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2025-9230 中危 3.3.0-r2 3.3.5-r0 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
libcrypto3 CVE-2025-9231 中危 3.3.0-r2 3.3.5-r0 openssl: Timing side-channel in SM2 algorithm on 64 bit ARM

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9231

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
libssl3 CVE-2025-69419 中危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2025-9230 中危 3.3.0-r2 3.3.5-r0 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
libssl3 CVE-2025-9231 中危 3.3.0-r2 3.3.5-r0 openssl: Timing side-channel in SM2 algorithm on 64 bit ARM

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9231

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
libssl3 CVE-2026-31790 中危 3.3.0-r2 3.3.7-r0 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-31790 中危 3.3.0-r2 3.3.7-r0 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
busybox-binsh CVE-2023-42364 中危 1.36.1-r28 1.36.1-r29 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2023-11-27 23:15 修改: 2025-11-03 21:16
musl CVE-2026-6042 中危 1.2.5-r0 1.2.5-r2 musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-10 09:16 修改: 2026-04-24 18:01
busybox-binsh CVE-2023-42365 中危 1.36.1-r28 1.36.1-r29 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2023-11-27 23:15 修改: 2025-11-03 21:16
busybox-binsh CVE-2024-58251 中危 1.36.1-r28 1.36.1-r31 In netstat in BusyBox through 1.37.0, local users can launch of networ ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-04-23 18:16 修改: 2026-04-15 00:35
musl-utils CVE-2026-6042 中危 1.2.5-r0 1.2.5-r2 musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-04-10 09:16 修改: 2026-04-24 18:01
ssl_client CVE-2023-42364 中危 1.36.1-r28 1.36.1-r29 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2023-11-27 23:15 修改: 2025-11-03 21:16
ssl_client CVE-2023-42365 中危 1.36.1-r28 1.36.1-r29 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2023-11-27 23:15 修改: 2025-11-03 21:16
ssl_client CVE-2024-58251 中危 1.36.1-r28 1.36.1-r31 In netstat in BusyBox through 1.37.0, local users can launch of networ ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-04-23 18:16 修改: 2026-04-15 00:35
busybox CVE-2023-42364 中危 1.36.1-r28 1.36.1-r29 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2023-11-27 23:15 修改: 2025-11-03 21:16
zlib CVE-2026-27171 中危 1.3.1-r1 1.3.2-r0 zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-02-18 04:16 修改: 2026-03-25 21:27
libcrypto3 CVE-2025-69420 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2025-9232 低危 3.3.0-r2 3.3.5-r0 openssl: Out-of-bounds read in HTTP client no_proxy handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
libcrypto3 CVE-2026-22795 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2024-13176 低危 3.3.0-r2 3.3.2-r2 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-01-20 14:15 修改: 2026-04-15 00:35
libssl3 CVE-2024-4741 低危 3.3.0-r2 3.3.0-r3 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2024-11-13 11:15 修改: 2026-04-15 00:35
libssl3 CVE-2024-5535 低危 3.3.0-r2 3.3.1-r1 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2024-06-27 11:15 修改: 2026-05-12 12:17
libssl3 CVE-2024-9143 低危 3.3.0-r2 3.3.2-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2024-10-16 17:15 修改: 2026-05-12 12:17
libssl3 CVE-2025-15468 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:38
libssl3 CVE-2025-66199 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
libssl3 CVE-2025-68160 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2025-69418 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2025-69420 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2025-9232 低危 3.3.0-r2 3.3.5-r0 openssl: Out-of-bounds read in HTTP client no_proxy handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
libssl3 CVE-2026-22795 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-22796 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-22796 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
busybox-binsh CVE-2025-46394 低危 1.36.1-r28 1.36.1-r31 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-04-23 16:15 修改: 2026-06-02 14:16
busybox CVE-2025-46394 低危 1.36.1-r28 1.36.1-r31 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-04-23 16:15 修改: 2026-06-02 14:16
libcrypto3 CVE-2024-13176 低危 3.3.0-r2 3.3.2-r2 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-01-20 14:15 修改: 2026-04-15 00:35
libcrypto3 CVE-2024-4741 低危 3.3.0-r2 3.3.0-r3 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2024-11-13 11:15 修改: 2026-04-15 00:35
libcrypto3 CVE-2024-5535 低危 3.3.0-r2 3.3.1-r1 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2024-06-27 11:15 修改: 2026-05-12 12:17
libcrypto3 CVE-2024-9143 低危 3.3.0-r2 3.3.2-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2024-10-16 17:15 修改: 2026-05-12 12:17
libcrypto3 CVE-2025-15468 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:38
libcrypto3 CVE-2025-66199 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
ssl_client CVE-2025-46394 低危 1.36.1-r28 1.36.1-r31 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2025-04-23 16:15 修改: 2026-06-02 14:16
libcrypto3 CVE-2025-68160 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2025-69418 低危 3.3.0-r2 3.3.6-r0 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
Node.js (node-pkg)
低危漏洞:2 中危漏洞:3 高危漏洞:11 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
cross-spawn CVE-2024-21538 高危 7.0.3 7.0.5, 6.0.6 cross-spawn: regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2024-11-08 05:15 修改: 2026-04-15 00:35
glob CVE-2025-64756 高危 10.3.12 11.1.0, 10.5.0 glob: glob: Command Injection Vulnerability via Malicious Filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64756

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2025-11-17 18:15 修改: 2025-12-02 19:34
minimatch CVE-2026-26996 高危 9.0.4 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
minimatch CVE-2026-27903 高危 9.0.4 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
minimatch CVE-2026-27904 高危 9.0.4 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
tar CVE-2026-23745 高危 6.2.1 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2026-01-16 22:16 修改: 2026-02-18 16:20
tar CVE-2026-23950 高危 6.2.1 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2026-01-20 01:15 修改: 2026-02-18 15:50
tar CVE-2026-24842 高危 6.2.1 7.5.7 node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2026-01-28 01:16 修改: 2026-02-02 14:30
tar CVE-2026-26960 高危 6.2.1 7.5.8 node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2026-02-20 02:16 修改: 2026-02-20 19:24
tar CVE-2026-29786 高危 6.2.1 7.5.10 node-tar: hardlink path traversal via drive-relative linkpath

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2026-03-07 16:15 修改: 2026-03-11 21:50
tar CVE-2026-31802 高危 6.2.1 7.5.11 tar: tar: File overwrite via drive-relative symlink traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2026-03-10 07:44 修改: 2026-03-18 18:13
ip-address CVE-2026-42338 中危 9.0.5 10.1.1 ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2026-05-12 20:16 修改: 2026-05-19 20:04
brace-expansion CVE-2026-33750 中危 2.0.1 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
tar CVE-2026-53655 中危 6.2.1 7.5.16 node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
brace-expansion CVE-2025-5889 低危 2.0.1 2.0.2, 1.1.12, 3.0.1, 4.0.1 brace-expansion: juliangruber brace-expansion index.js expand redos

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5889

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2025-06-09 19:15 修改: 2026-04-29 01:00
diff CVE-2026-24001 低危 5.2.0 8.0.3, 5.2.2, 4.0.4, 3.5.1 jsdiff: denial of service vulnerability in parsePatch and applyPatch

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24001

镜像层: sha256:7b51491debc5cbf33e18beeee3dba2e331068b4b406a122b31a1800b740ad23b

发布日期: 2026-01-22 03:15 修改: 2026-03-04 15:23
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×