docker.io/luxas/autoscale-demo:v0.1.2 linux/amd64

docker.io/luxas/autoscale-demo:v0.1.2 - Trivy安全扫描结果 扫描时间: 2025-02-14 10:03
全部漏洞信息
低危漏洞:4 中危漏洞:36 高危漏洞:34 严重漏洞:4

系统OS: alpine 3.4.6 扫描引擎: Trivy 扫描时间: 2025-02-14 10:03

docker.io/luxas/autoscale-demo:v0.1.2 (alpine 3.4.6) (alpine)
低危漏洞:0 中危漏洞:18 高危漏洞:6 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
zlib CVE-2016-9841 严重 1.2.8-r2 1.2.11-r0 zlib: Out-of-bounds pointer arithmetic in inffast.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-9841

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-05-23 04:29 修改: 2023-11-07 02:37
zlib CVE-2016-9843 严重 1.2.8-r2 1.2.11-r0 zlib: Big-endian out-of-bounds pointer

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-9843

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-05-23 04:29 修改: 2023-11-07 02:37
musl CVE-2017-15650 高危 1.1.14-r14 1.1.14-r16 musl libc before 1.1.17 has a buffer overflow via crafted DNS replies ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15650

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-10-19 23:29 修改: 2017-11-08 16:21
musl-utils CVE-2017-15650 高危 1.1.14-r14 1.1.14-r16 musl libc before 1.1.17 has a buffer overflow via crafted DNS replies ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15650

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-10-19 23:29 修改: 2017-11-08 16:21
libcrypto1.0 CVE-2018-0732 高危 1.0.2k-r0 1.0.2o-r1 openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0732

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2018-06-12 13:29 修改: 2023-11-07 02:51
libssl1.0 CVE-2018-0732 高危 1.0.2k-r0 1.0.2o-r1 openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0732

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2018-06-12 13:29 修改: 2023-11-07 02:51
zlib CVE-2016-9840 高危 1.2.8-r2 1.2.11-r0 zlib: Out-of-bounds pointer arithmetic in inftrees.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-9840

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-05-23 04:29 修改: 2023-11-07 02:37
zlib CVE-2016-9842 高危 1.2.8-r2 1.2.11-r0 zlib: Undefined left shift of negative number

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-9842

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-05-23 04:29 修改: 2024-08-28 16:07
libcrypto1.0 CVE-2018-0739 中危 1.0.2k-r0 1.0.2o-r0 openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0739

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2018-03-27 21:29 修改: 2023-11-07 02:51
libcrypto1.0 CVE-2018-5407 中危 1.0.2k-r0 1.0.2q-r0 openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5407

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2018-11-15 21:29 修改: 2023-11-07 02:58
libcrypto1.0 CVE-2017-3735 中危 1.0.2k-r0 1.0.2m-r0 openssl: Malformed X.509 IPAdressFamily could cause OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-3735

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-08-28 19:29 修改: 2022-12-13 12:15
libssl1.0 CVE-2017-3735 中危 1.0.2k-r0 1.0.2m-r0 openssl: Malformed X.509 IPAdressFamily could cause OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-3735

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-08-28 19:29 修改: 2022-12-13 12:15
libssl1.0 CVE-2017-3736 中危 1.0.2k-r0 1.0.2m-r0 openssl: bn_sqrx8x_internal carry bug on x86_64

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-3736

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-11-02 17:29 修改: 2019-04-23 19:30
libssl1.0 CVE-2017-3737 中危 1.0.2k-r0 1.0.2n-r0 openssl: Read/write after SSL object in error state

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-3737

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-12-07 16:29 修改: 2019-10-03 00:03
libssl1.0 CVE-2017-3738 中危 1.0.2k-r0 1.0.2n-r0 openssl: rsaz_1024_mul_avx2 overflow bug on x86_64

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-3738

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-12-07 16:29 修改: 2022-08-19 11:49
libssl1.0 CVE-2018-0733 中危 1.0.2k-r0 1.0.2o-r0 openssl: Implementation bug in PA-RISC CRYPTO_memcmp function allows attackers to forge authenticated messages in a reduced number of attempts

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0733

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2018-03-27 21:29 修改: 2023-11-07 02:51
libssl1.0 CVE-2018-0734 中危 1.0.2k-r0 1.0.2q-r0 openssl: timing side channel attack in the DSA signature algorithm

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0734

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2018-10-30 12:29 修改: 2023-11-07 02:51
libssl1.0 CVE-2018-0737 中危 1.0.2k-r0 1.0.2o-r2 openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0737

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2018-04-16 18:29 修改: 2023-11-07 02:51
libssl1.0 CVE-2018-0739 中危 1.0.2k-r0 1.0.2o-r0 openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0739

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2018-03-27 21:29 修改: 2023-11-07 02:51
libssl1.0 CVE-2018-5407 中危 1.0.2k-r0 1.0.2q-r0 openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5407

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2018-11-15 21:29 修改: 2023-11-07 02:58
libcrypto1.0 CVE-2017-3736 中危 1.0.2k-r0 1.0.2m-r0 openssl: bn_sqrx8x_internal carry bug on x86_64

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-3736

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-11-02 17:29 修改: 2019-04-23 19:30
libcrypto1.0 CVE-2017-3737 中危 1.0.2k-r0 1.0.2n-r0 openssl: Read/write after SSL object in error state

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-3737

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-12-07 16:29 修改: 2019-10-03 00:03
libcrypto1.0 CVE-2017-3738 中危 1.0.2k-r0 1.0.2n-r0 openssl: rsaz_1024_mul_avx2 overflow bug on x86_64

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-3738

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2017-12-07 16:29 修改: 2022-08-19 11:49
libcrypto1.0 CVE-2018-0733 中危 1.0.2k-r0 1.0.2o-r0 openssl: Implementation bug in PA-RISC CRYPTO_memcmp function allows attackers to forge authenticated messages in a reduced number of attempts

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0733

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2018-03-27 21:29 修改: 2023-11-07 02:51
libcrypto1.0 CVE-2018-0734 中危 1.0.2k-r0 1.0.2q-r0 openssl: timing side channel attack in the DSA signature algorithm

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0734

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2018-10-30 12:29 修改: 2023-11-07 02:51
libcrypto1.0 CVE-2018-0737 中危 1.0.2k-r0 1.0.2o-r2 openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0737

镜像层: sha256:9f8566ee5135862dd980160c27bd7721448a6f7f385bbb81f7f001f1b78a5fbf

发布日期: 2018-04-16 18:29 修改: 2023-11-07 02:51
Node.js (node-pkg)
低危漏洞:4 中危漏洞:18 高危漏洞:28 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
json-schema CVE-2021-3918 严重 0.2.3 0.4.0 nodejs-json-schema: Prototype pollution vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3918

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2021-11-13 09:15 修改: 2025-01-17 20:15
minimist CVE-2021-44906 严重 0.0.8 1.2.6, 0.2.4 minimist: prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44906

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2022-03-17 16:15 修改: 2024-06-21 19:15
brace-expansion CVE-2017-18077 高危 1.1.6 1.1.7 nodejs-brace-expansion: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18077

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2018-01-27 12:29 修改: 2018-02-15 18:14
brace-expansion CVE-2017-18077 高危 1.1.6 1.1.7 nodejs-brace-expansion: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18077

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2018-01-27 12:29 修改: 2018-02-15 18:14
brace-expansion CVE-2017-18077 高危 1.1.6 1.1.7 nodejs-brace-expansion: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18077

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2018-01-27 12:29 修改: 2018-02-15 18:14
fstream CVE-2019-13173 高危 1.0.10 1.0.12 nodejs-fstream: File overwrite in fstream.DirWriter() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13173

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2019-07-02 20:15 修改: 2020-08-24 17:37
hawk CVE-2022-29167 高危 3.1.3 9.0.1 hawk: REDoS in hawk.utils.parseHost() when parsing Host header

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29167

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2022-05-05 23:15 修改: 2023-07-21 16:42
hoek CVE-2020-36604 高危 2.16.3 hapi/hoek: Prototype Pollution in @hapi/hoek

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36604

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2022-09-23 06:15 修改: 2023-11-07 03:22
ini CVE-2020-7788 高危 1.3.4 1.3.6 nodejs-ini: Prototype pollution via malicious INI file

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7788

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2020-12-11 11:15 修改: 2022-12-02 19:40
brace-expansion CVE-2017-18077 高危 1.1.6 1.1.7 nodejs-brace-expansion: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18077

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2018-01-27 12:29 修改: 2018-02-15 18:14
minimatch CVE-2022-3517 高危 3.0.3 3.0.5 nodejs-minimatch: ReDoS via the braceExpand function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51
minimatch CVE-2022-3517 高危 3.0.3 3.0.5 nodejs-minimatch: ReDoS via the braceExpand function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51
minimatch CVE-2022-3517 高危 3.0.3 3.0.5 nodejs-minimatch: ReDoS via the braceExpand function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51
minimatch CVE-2022-3517 高危 3.0.3 3.0.5 nodejs-minimatch: ReDoS via the braceExpand function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51
minimatch CVE-2022-3517 高危 3.0.3 3.0.5 nodejs-minimatch: ReDoS via the braceExpand function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51
brace-expansion CVE-2017-18077 高危 1.1.6 1.1.7 nodejs-brace-expansion: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18077

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2018-01-27 12:29 修改: 2018-02-15 18:14
npm CVE-2018-7408 高危 4.1.2 5.7.1 Incorrect Permission Assignment for Critical Resource in NPM

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7408

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2018-02-22 18:29 修改: 2019-10-03 00:03
npm CVE-2019-16775 高危 4.1.2 6.13.3 npm: Symlink reference outside of node_modules folder through the bin field upon installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16775

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2019-12-13 01:15 修改: 2023-11-07 03:05
npm CVE-2019-16776 高危 4.1.2 6.13.3 npm: Arbitrary file write via constructed entry in the package.json bin field

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16776

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2019-12-13 01:15 修改: 2023-11-07 03:05
npm CVE-2019-16777 高危 4.1.2 6.13.4 npm: Global node_modules Binary Overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16777

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2019-12-13 01:15 修改: 2023-11-07 03:05
npm-user-validate CVE-2020-7754 高危 0.1.5 1.0.1 nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7754

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2020-10-27 15:15 修改: 2020-10-27 17:31
qs CVE-2017-1000048 高危 6.3.0 6.0.4, 6.1.2, 6.2.3, 6.3.2 nodejs-qs: Prototype override protection bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-1000048

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2017-07-17 13:18 修改: 2017-12-31 02:29
qs CVE-2022-24999 高危 6.3.0 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
semver CVE-2022-25883 高危 5.3.0 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2023-06-21 05:15 修改: 2024-12-06 17:15
sshpk CVE-2018-3737 高危 1.10.1 1.13.2 nodejs-sshpk: ReDoS when parsing crafted invalid public keys in lib/formats/ssh.js

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-3737

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2018-06-07 02:29 修改: 2023-01-30 16:06
sshpk NSWG-ECO-401 高危 1.10.1 >=1.13.2 Denial of Service

漏洞详情: https://hackerone.com/reports/319593

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tar CVE-2018-20834 高危 2.2.1 4.4.2, 2.2.2 nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20834

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2019-04-30 19:29 修改: 2019-09-04 20:15
tar CVE-2021-32804 高危 2.2.1 3.2.2, 4.4.14, 5.0.6, 6.1.1 nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32804

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2021-08-03 19:15 修改: 2022-04-25 19:12
tar CVE-2021-37713 高危 2.2.1 4.4.18, 5.0.10, 6.1.9 nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37713

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2021-08-31 17:15 修改: 2022-04-25 18:40
tough-cookie CVE-2017-15010 高危 2.3.2 2.3.3 nodejs-tough-cookie: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15010

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2017-10-04 01:29 修改: 2023-11-07 02:39
npm CVE-2020-15095 中危 4.1.2 6.14.6 npm: sensitive information exposure through logs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15095

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2020-07-07 19:15 修改: 2023-11-07 03:17
brace-expansion NSWG-ECO-338 中危 1.1.6 >=1.1.7 ReDoS

漏洞详情:

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
brace-expansion NSWG-ECO-338 中危 1.1.6 >=1.1.7 ReDoS

漏洞详情:

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
brace-expansion NSWG-ECO-338 中危 1.1.6 >=1.1.7 ReDoS

漏洞详情:

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
request CVE-2023-28155 中危 2.79.0 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15
hosted-git-info CVE-2021-23362 中危 2.1.5 2.8.9, 3.0.8 nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23362

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2021-03-23 17:15 修改: 2023-08-08 14:22
brace-expansion NSWG-ECO-338 中危 1.1.6 >=1.1.7 ReDoS

漏洞详情:

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
minimist CVE-2020-7598 中危 0.0.8 0.2.1, 1.2.3 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7598

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2020-03-11 23:15 修改: 2022-04-22 19:02
stringstream CVE-2018-21270 中危 0.0.5 0.0.6 nodejs-stringstream: out-of-bounds read leading to uninitialized memory exposure

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-21270

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2020-12-03 21:15 修改: 2021-02-16 14:35
stringstream NSWG-ECO-422 中危 0.0.5 >=0.0.6 Out-of-bounds Read

漏洞详情: https://hackerone.com/reports/321670

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
is-my-json-valid CVE-2018-1107 中危 2.15.0 2.17.2, 1.4.1 nodejs-is-my-json-valid: ReDoS when validating JSON fields with email format

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1107

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2021-03-30 02:15 修改: 2021-04-02 15:16
brace-expansion NSWG-ECO-338 中危 1.1.6 >=1.1.7 ReDoS

漏洞详情:

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
jsonpointer CVE-2021-23807 中危 4.0.0 5.0.0 nodejs-jsonpointer: type confusion vulnerability can lead to a bypass of a previous prototype pollution fix when the pointer components are arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23807

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2021-11-03 18:15 修改: 2021-11-05 18:08
tar CVE-2024-28863 中危 2.2.1 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
extend CVE-2018-16492 中危 3.0.0 3.0.2, 2.0.2 nodejs-extend: Prototype pollution can allow attackers to modify object properties

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16492

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2019-02-01 18:29 修改: 2019-10-09 23:36
tough-cookie CVE-2023-26136 中危 2.3.2 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
tunnel-agent GHSA-xc7v-wxcw-j472 中危 0.4.3 0.6.0 Memory Exposure in tunnel-agent

漏洞详情: https://github.com/advisories/GHSA-xc7v-wxcw-j472

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tunnel-agent NSWG-ECO-393 中危 0.4.3 >=0.6.0 Memory Exposure

漏洞详情:

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
hoek CVE-2018-3728 低危 2.16.3 >=5.0.3 >=4.2.1 hoek: Prototype pollution in utilities function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-3728

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2018-03-30 19:29 修改: 2019-10-09 23:40
chownr CVE-2017-18869 低危 1.0.1 1.1.0 nodejs-chownr: TOCTOU vulnerability in `chownr` function in chownr.js

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18869

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 2020-06-15 15:15 修改: 2020-06-17 19:51
is-my-json-valid NSWG-ECO-375 低危 2.15.0 >=1.4.1 <2.0.0, >=2.17.2 Regular Expression Denial of Service (ReDoS)

漏洞详情: https://hackerone.com/reports/317548

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
npm-user-validate GHSA-xgh6-85xh-479p 低危 0.1.5 1.0.1 Regular Expression Denial of Service in npm-user-validate

漏洞详情: https://github.com/advisories/GHSA-xgh6-85xh-479p

镜像层: sha256:3a94792c692afc9631607f73501ed27bbb269df54976ae66a02bfce0f03a789b

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00