| @babel/traverse |
CVE-2023-45133 |
严重 |
7.19.6 |
7.23.2, 8.0.0-alpha.4 |
babel: arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45133
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2023-10-12 17:15 修改: 2023-10-24 16:52
|
| basic-auth-connect |
CVE-2024-47178 |
高危 |
1.0.0 |
1.1.0 |
basic-auth-connect: timing-unsafe equality comparison can leak timing information
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47178
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-09-30 16:15 修改: 2024-10-04 13:51
|
| body-parser |
CVE-2024-45590 |
高危 |
1.20.1 |
1.20.3 |
body-parser: Denial of Service Vulnerability in body-parser
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45590
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-09-10 16:15 修改: 2024-09-20 16:26
|
| ip |
CVE-2024-29415 |
高危 |
2.0.0 |
|
node-ip: Incomplete fix for CVE-2023-42282
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
|
| json5 |
CVE-2022-46175 |
高危 |
2.2.1 |
2.2.2, 1.0.2 |
json5: Prototype Pollution in JSON5 via Parse Method
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46175
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2022-12-24 04:15 修改: 2023-11-26 01:15
|
| path-to-regexp |
CVE-2024-45296 |
高危 |
0.1.7 |
1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 |
path-to-regexp: Backtracking regular expressions cause ReDoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09
|
| semver |
CVE-2022-25883 |
高危 |
6.3.0 |
7.5.2, 6.3.1, 5.7.2 |
nodejs-semver: Regular expression denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
|
| express |
CVE-2024-43796 |
中危 |
4.18.2 |
4.20.0, 5.0.0 |
express: Improper Input Handling in Express Redirects
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43796
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:07
|
| mongo-express |
CVE-2023-52555 |
中危 |
1.0.2 |
|
mongo-express Cross-site Request Forgery vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52555
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-03-01 08:15 修改: 2024-08-29 20:35
|
| mongodb |
CVE-2021-32050 |
中危 |
4.13.0 |
3.6.10, 4.17.0, 5.8.0 |
Some MongoDB Drivers may erroneously publish events containing authent ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32050
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2023-08-29 16:15 修改: 2023-10-06 15:15
|
| fast-xml-parser |
CVE-2023-26920 |
中危 |
4.0.11 |
4.1.2 |
fast-xml-parser vulnerable to Prototype Pollution through tag or attribute name
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26920
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2023-12-12 17:15 修改: 2023-12-14 20:41
|
| express |
CVE-2024-29041 |
中危 |
4.18.2 |
4.19.2, 5.0.0-beta.3 |
express: cause malformed URLs to be evaluated
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29041
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-03-25 21:15 修改: 2024-03-26 12:55
|
| send |
CVE-2024-43799 |
中危 |
0.18.0 |
0.19.0 |
send: Code Execution Vulnerability in Send Library
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43799
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:57
|
| serve-static |
CVE-2024-43800 |
中危 |
1.15.0 |
1.16.0, 2.1.0 |
serve-static: Improper Sanitization in serve-static
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43800
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-09-10 15:15 修改: 2024-09-20 17:36
|
| cookie |
CVE-2024-47764 |
低危 |
0.4.0 |
0.7.0 |
cookie: cookie accepts cookie name, path, and domain with out of bounds characters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
|
| cookie |
CVE-2024-47764 |
低危 |
0.4.1 |
0.7.0 |
cookie: cookie accepts cookie name, path, and domain with out of bounds characters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
|
| cookie |
CVE-2024-47764 |
低危 |
0.4.2 |
0.7.0 |
cookie: cookie accepts cookie name, path, and domain with out of bounds characters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
|
| cookie |
CVE-2024-47764 |
低危 |
0.5.0 |
0.7.0 |
cookie: cookie accepts cookie name, path, and domain with out of bounds characters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
|
| ip |
CVE-2023-42282 |
低危 |
2.0.0 |
2.0.1, 1.1.9 |
nodejs-ip: arbitrary code execution via the isPublic() function
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14
|
| es5-ext |
CVE-2024-27088 |
低危 |
0.10.62 |
0.10.63 |
es5-ext contains ECMAScript 5 extensions. Passing functions with very ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27088
镜像层: sha256:968b021a62754a8b96eb88196b5b0954e76183405340e1f8de5675bcf13869a8
发布日期: 2024-02-26 17:15 修改: 2024-02-26 22:10
|