docker.io/linuxserver/code-server:latest linux/amd64

docker.io/linuxserver/code-server:latest - Trivy安全扫描结果 扫描时间: 2024-12-23 10:55
全部漏洞信息
低危漏洞:36 中危漏洞:20 高危漏洞:17 严重漏洞:4

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2024-12-23 10:55

docker.io/linuxserver/code-server:latest (ubuntu 24.04) (ubuntu)
低危漏洞:32 中危漏洞:13 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
krb5-locales CVE-2024-26462 中危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libgssapi-krb5-2 CVE-2024-26462 中危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3 CVE-2024-26462 中危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3 CVE-2024-26462 中危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0 CVE-2024-26462 中危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libpam-modules CVE-2024-10041 中危 1.5.3-5ubuntu5.1 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-modules CVE-2024-10963 中危 1.5.3-5ubuntu5.1 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam-modules-bin CVE-2024-10041 中危 1.5.3-5ubuntu5.1 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-modules-bin CVE-2024-10963 中危 1.5.3-5ubuntu5.1 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam-runtime CVE-2024-10041 中危 1.5.3-5ubuntu5.1 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-runtime CVE-2024-10963 中危 1.5.3-5ubuntu5.1 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam0g CVE-2024-10041 中危 1.5.3-5ubuntu5.1 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam0g CVE-2024-10963 中危 1.5.3-5ubuntu5.1 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
keyboxd CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
coreutils CVE-2016-2781 低危 9.4-3ubuntu6 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
krb5-locales CVE-2024-26458 低危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
krb5-locales CVE-2024-26461 低危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libc-bin CVE-2016-20013 低危 2.39-0ubuntu8.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libc6 CVE-2016-20013 低危 2.39-0ubuntu8.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libgcrypt20 CVE-2024-2236 低危 1.10.3-2build1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15
dirmngr CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libgssapi-krb5-2 CVE-2024-26458 低危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libgssapi-krb5-2 CVE-2024-26461 低危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
git CVE-2018-1000021 低危 1:2.43.0-1ubuntu7.1 git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000021

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2018-02-09 23:29 修改: 2024-10-24 17:58
libk5crypto3 CVE-2024-26458 低危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libk5crypto3 CVE-2024-26461 低危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
git-man CVE-2018-1000021 低危 1:2.43.0-1ubuntu7.1 git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000021

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2018-02-09 23:29 修改: 2024-10-24 17:58
libkrb5-3 CVE-2024-26458 低危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5-3 CVE-2024-26461 低危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
gnupg CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libkrb5support0 CVE-2024-26458 低危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5support0 CVE-2024-26461 低危 1.20.1-6ubuntu2.2 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
gnupg-l10n CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gnupg-utils CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpg CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpg-agent CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpg-wks-client CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpgconf CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpgsm CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpgv CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libssl3t64 CVE-2024-41996 低危 3.0.13-0ubuntu3.4 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:dba8abaeccbd8a62822dca015b4201aa0efd86df5f4637763a11eae896aaf589

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
locales CVE-2016-20013 低危 2.39-0ubuntu8.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
openssl CVE-2024-41996 低危 3.0.13-0ubuntu3.4 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:a0ea4b5f209ebcb88d909fd5c6c6b96945ee90456839ad80ca7e64e286a0be1b

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
patch CVE-2018-6952 低危 2.7.6-7build3 patch: Double free of memory in pch.c:another_hunk() causes a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6952

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2018-02-13 19:29 修改: 2019-04-17 20:29
patch CVE-2021-45261 低危 2.7.6-7build3 patch: Invalid Pointer via another_hunk function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45261

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2021-12-22 18:15 修改: 2021-12-28 14:24
Node.js (node-pkg)
低危漏洞:4 中危漏洞:7 高危漏洞:17 严重漏洞:4
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
code-server CVE-2023-26114 严重 1.96.2 4.10.1 code-server vulnerable to Missing Origin Validation in WebSockets

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26114

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2023-03-23 05:15 修改: 2023-11-07 04:09
handlebars CVE-2019-19919 严重 1.0.0 4.3.0, 3.0.8 nodejs-handlebars: prototype pollution leading to remote code execution via crafted payloads

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19919

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2019-12-20 23:15 修改: 2022-06-03 18:48
handlebars CVE-2021-23369 严重 1.0.0 4.7.7 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23369

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2021-04-12 14:15 修改: 2021-06-08 13:54
handlebars CVE-2021-23383 严重 1.0.0 4.7.7 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23383

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2021-05-04 09:15 修改: 2021-12-03 19:59
grunt CVE-2022-1537 高危 1.0.0 1.5.3 gruntjs: race condition leading to arbitrary file write

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1537

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2022-05-10 14:15 修改: 2023-04-05 22:15
code-server CVE-2021-3810 高危 1.96.2 3.12.0 Inefficient Regular Expression Complexity in code-server

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3810

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:02
diff GHSA-h6ch-v84p-w6p9 高危 1.0.0 3.5.0 Regular Expression Denial of Service (ReDoS)

漏洞详情: https://github.com/advisories/GHSA-h6ch-v84p-w6p9

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
grunt CVE-2020-7729 高危 1.0.0 1.3.0 The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execut ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7729

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2020-09-03 09:15 修改: 2022-11-16 14:05
handlebars CVE-2019-20920 高危 1.0.0 3.0.8, 4.5.3 nodejs-handlebars: lookup helper fails to properly validate templates allowing for arbitrary JavaScript execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20920

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2020-09-30 18:15 修改: 2020-10-15 17:35
handlebars GHSA-2cf5-4w76-r9qv 高危 1.0.0 3.0.8, 4.5.2 Arbitrary Code Execution in handlebars

漏洞详情: https://github.com/advisories/GHSA-2cf5-4w76-r9qv

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
handlebars GHSA-g9r4-xpmj-mj65 高危 1.0.0 3.0.8, 4.5.3 Prototype Pollution in handlebars

漏洞详情: https://github.com/advisories/GHSA-g9r4-xpmj-mj65

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
handlebars GHSA-q2c6-c6pm-g3gh 高危 1.0.0 3.0.8, 4.5.3 Arbitrary Code Execution in handlebars

漏洞详情: https://github.com/advisories/GHSA-q2c6-c6pm-g3gh

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
handlebars GHSA-q42p-pg8m-cqh6 高危 1.0.0 4.1.2, 4.0.14, 3.0.7 Prototype Pollution in handlebars

漏洞详情: https://github.com/advisories/GHSA-q42p-pg8m-cqh6

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
ini CVE-2020-7788 高危 1.0.0 1.3.6 nodejs-ini: Prototype pollution via malicious INI file

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7788

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2020-12-11 11:15 修改: 2022-12-02 19:40
json CVE-2020-7712 高危 1.0.0 10.0.0 trentm/json vulnerable to command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7712

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2020-08-30 08:15 修改: 2023-11-07 03:26
npm CVE-2018-7408 高危 1.0.1 5.7.1 Incorrect Permission Assignment for Critical Resource in NPM

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7408

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2018-02-22 18:29 修改: 2019-10-03 00:03
npm CVE-2019-16775 高危 1.0.1 6.13.3 npm: Symlink reference outside of node_modules folder through the bin field upon installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16775

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2019-12-13 01:15 修改: 2023-11-07 03:05
npm CVE-2019-16776 高危 1.0.1 6.13.3 npm: Arbitrary file write via constructed entry in the package.json bin field

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16776

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2019-12-13 01:15 修改: 2023-11-07 03:05
npm CVE-2019-16777 高危 1.0.1 6.13.4 npm: Global node_modules Binary Overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16777

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2019-12-13 01:15 修改: 2023-11-07 03:05
path-to-regexp CVE-2024-45296 高危 3.2.0 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 path-to-regexp: Backtracking regular expressions cause ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09
pug CVE-2021-21353 高危 1.0.0 3.0.1 pug: user provided objects as input to pug templates can achieve remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21353

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2021-03-03 02:15 修改: 2021-03-09 15:35
code-server CVE-2021-42648 中危 1.96.2 3.12.0 Cross site scripting in code-server

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42648

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2022-05-11 18:15 修改: 2022-05-20 16:33
grunt CVE-2022-0436 中危 1.0.0 1.5.2 Path Traversal in GitHub repository gruntjs/grunt prior to 1.5.2.

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0436

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2022-04-12 21:15 修改: 2023-04-06 15:15
npm CVE-2016-3956 中危 1.0.1 >= 2.15.1 <= 3.0.0, >= 3.8.3 npm: bearer token leak to non-registry hosts

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-3956

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2016-07-02 14:59 修改: 2021-06-15 16:30
npm CVE-2020-15095 中危 1.0.1 6.14.6 npm: sensitive information exposure through logs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15095

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2020-07-07 19:15 修改: 2023-11-07 03:17
handlebars CVE-2015-8861 中危 1.0.0 >=4.0.0 The handlebars package before 4.0.0 for Node.js allows remote attacker ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-8861

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2017-01-23 21:59 修改: 2020-04-22 12:54
handlebars NSWG-ECO-519 中危 1.0.0 >=4.6.0 Denial of Service

漏洞详情: https://hackerone.com/reports/726364

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
pug CVE-2024-36361 中危 1.0.0 3.0.3 Pug allows JavaScript code execution if an application accepts untrusted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36361

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2024-05-24 06:15 修改: 2024-08-02 04:17
npm CVE-2013-4116 低危 1.0.1 >=1.3.3 npm: Insecure temporary directory generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4116

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2014-04-22 14:23 修改: 2020-10-14 13:21
cookie CVE-2024-47764 低危 0.4.1 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
cookie CVE-2024-47764 低危 0.6.0 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
markdown GHSA-wx77-rp39-c6vg 低危 1.0.0 Regular Expression Denial of Service in markdown

漏洞详情: https://github.com/advisories/GHSA-wx77-rp39-c6vg

镜像层: sha256:ccf34aaea3906551d571d4e01291e78c0b6541e4ec3b5436e579b6bc03b377bc

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00