docker.io/n8zjgu6r9/mongo-sidecar:v0.5.0 linux/arm64

docker.io/n8zjgu6r9/mongo-sidecar:v0.5.0 - Trivy安全扫描结果 扫描时间: 2024-10-23 20:15 温馨提示: 这是一个 linux/arm64 系统架构镜像
全部漏洞信息
低危漏洞:37 中危漏洞:29 高危漏洞:65 严重漏洞:12

系统OS: debian 9.13 扫描引擎: Trivy 扫描时间: 2024-10-23 20:15

docker.io/n8zjgu6r9/mongo-sidecar:v0.5.0 (debian 9.13) (debian)
低危漏洞:34 中危漏洞:10 高危漏洞:34 严重漏洞:6
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
dpkg CVE-2022-1664 严重 1.18.25 1.18.26 Dpkg::Source::Archive in dpkg, the Debian package management system, b ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1664

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-05-26 14:15 修改: 2022-12-03 02:19
libbz2-1.0 CVE-2019-12900 严重 1.0.6-8.1 bzip2: out-of-bounds write in function BZ2_decompress

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-06-19 23:15 修改: 2023-11-07 03:03
libdb5.3 CVE-2019-8457 严重 5.3.28-12+deb9u1 sqlite: heap out-of-bound read in function rtreenode()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8457

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-05-30 16:29 修改: 2023-11-07 03:13
liblz4-1 CVE-2021-3520 严重 0.0~r131-2+b1 0.0~r131-2+deb9u1 lz4: memory corruption due to an integer overflow bug caused by memmove argument

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3520

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-06-02 13:15 修改: 2024-06-06 20:25
login CVE-2017-12424 严重 1:4.4-4.1 1:4.4-4.1+deb9u1 shadow-utils: Buffer overflow via newusers tool

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12424

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2017-08-04 09:29 修改: 2021-03-23 20:02
passwd CVE-2017-12424 严重 1:4.4-4.1 1:4.4-4.1+deb9u1 shadow-utils: Buffer overflow via newusers tool

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12424

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2017-08-04 09:29 修改: 2021-03-23 20:02
gzip CVE-2022-1271 高危 1.6-5+b1 1.6-5+deb9u1 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
libblkid1 CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
bsdutils CVE-2016-2779 高危 1:2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
libcomerr2 CVE-2022-1304 高危 1.43.4-2+deb9u2 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41
e2fslibs CVE-2022-1304 高危 1.43.4-2+deb9u2 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41
libfdisk1 CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
libgcc1 CVE-2018-12886 高危 1:6.3.0-18+deb9u1 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-05-22 19:29 修改: 2020-08-24 17:37
libgcrypt20 CVE-2021-33560 高危 1.7.6-2+deb9u3 libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33560

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-06-08 11:15 修改: 2023-11-07 03:35
e2fsprogs CVE-2022-1304 高危 1.43.4-2+deb9u2 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41
liblzma5 CVE-2022-1271 高危 5.2.2-1.2+b1 5.2.2-1.2+deb9u1 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
libmount1 CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
libncursesw5 CVE-2022-29458 高危 6.0+20161126-1+deb9u2 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libsmartcols1 CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
libss2 CVE-2022-1304 高危 1.43.4-2+deb9u2 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41
libstdc++6 CVE-2018-12886 高危 6.3.0-18+deb9u1 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-05-22 19:29 修改: 2020-08-24 17:37
libsystemd0 CVE-2019-3843 高危 232-25+deb9u12 systemd: services with DynamicUser can create SUID/SGID binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10
libsystemd0 CVE-2019-3844 高危 232-25+deb9u12 systemd: services with DynamicUser can get new privileges and create SGID binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10
libsystemd0 CVE-2020-1712 高危 232-25+deb9u12 232-25+deb9u14 systemd: use-after-free when asynchronous polkit queries are performed

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1712

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2020-03-31 17:15 修改: 2023-11-07 03:19
libtinfo5 CVE-2022-29458 高危 6.0+20161126-1+deb9u2 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libudev1 CVE-2019-3843 高危 232-25+deb9u12 systemd: services with DynamicUser can create SUID/SGID binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10
libudev1 CVE-2019-3844 高危 232-25+deb9u12 systemd: services with DynamicUser can get new privileges and create SGID binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10
libudev1 CVE-2020-1712 高危 232-25+deb9u12 232-25+deb9u14 systemd: use-after-free when asynchronous polkit queries are performed

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1712

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2020-03-31 17:15 修改: 2023-11-07 03:19
libuuid1 CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
gcc-6-base CVE-2018-12886 高危 6.3.0-18+deb9u1 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-05-22 19:29 修改: 2020-08-24 17:37
login CVE-2017-20002 高危 1:4.4-4.1 1:4.4-4.1+deb9u1 The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20002

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-03-17 06:15 修改: 2021-06-07 14:58
mount CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
ncurses-base CVE-2022-29458 高危 6.0+20161126-1+deb9u2 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
ncurses-bin CVE-2022-29458 高危 6.0+20161126-1+deb9u2 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
gpgv CVE-2018-1000858 高危 2.1.18-8~deb9u4 gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000858

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2018-12-20 17:29 修改: 2019-02-13 16:43
passwd CVE-2017-20002 高危 1:4.4-4.1 1:4.4-4.1+deb9u1 The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20002

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-03-17 06:15 修改: 2021-06-07 14:58
perl-base CVE-2020-16156 高危 5.24.1-3+deb9u7 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-12-13 18:15 修改: 2023-11-07 03:18
util-linux CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
xz-utils CVE-2022-1271 高危 5.2.2-1.2+b1 5.2.2-1.2+deb9u1 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
zlib1g CVE-2018-25032 高危 1:1.2.8.dfsg-5 1:1.2.8.dfsg-5+deb9u1 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-03-25 09:15 修改: 2023-11-07 02:56
apt CVE-2020-27350 中危 1.4.10 1.4.11 APT had several integer overflows and underflows while parsing .deb pa ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27350

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2020-12-10 04:15 修改: 2022-10-29 02:41
libgcrypt20 CVE-2019-13627 中危 1.7.6-2+deb9u3 libgcrypt: ECDSA timing attack allowing private key leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13627

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-09-25 15:15 修改: 2021-07-21 11:39
libgcrypt20 CVE-2021-40528 中危 1.7.6-2+deb9u3 1.7.6-2+deb9u4 libgcrypt: ElGamal implementation allows plaintext recovery

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40528

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-09-06 19:15 修改: 2023-11-07 03:38
libpcre3 CVE-2020-14155 中危 2:8.39-3 pcre: Integer overflow when parsing callout numeric arguments

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14155

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2020-06-15 17:15 修改: 2024-03-27 16:04
libudev1 CVE-2021-33910 中危 232-25+deb9u12 232-25+deb9u13 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35
libudev1 CVE-2021-3997 中危 232-25+deb9u12 systemd: Uncontrolled recursion in systemd-tmpfiles when removing files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15
tar CVE-2018-20482 中危 1.29b-1.1 1.29b-1.1+deb9u1 tar: Infinite read loop in sparse_dump_region function in sparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20482

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2018-12-26 18:29 修改: 2021-11-30 19:52
libapt-pkg5.0 CVE-2020-27350 中危 1.4.10 1.4.11 APT had several integer overflows and underflows while parsing .deb pa ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27350

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2020-12-10 04:15 修改: 2022-10-29 02:41
libsystemd0 CVE-2021-33910 中危 232-25+deb9u12 232-25+deb9u13 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35
libsystemd0 CVE-2021-3997 中危 232-25+deb9u12 systemd: Uncontrolled recursion in systemd-tmpfiles when removing files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15
libtinfo5 CVE-2018-19211 低危 6.0+20161126-1+deb9u2 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15
libtinfo5 CVE-2019-17594 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13
libtinfo5 CVE-2019-17595 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52
libncursesw5 CVE-2019-17595 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52
coreutils CVE-2016-2781 低危 8.26-3 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libsepol1 CVE-2021-36084 低危 2.6-2 libsepol: use-after-free in __cil_verify_classperms()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36084

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libsepol1 CVE-2021-36085 低危 2.6-2 libsepol: use-after-free in __cil_verify_classperms()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36085

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libsepol1 CVE-2021-36086 低危 2.6-2 libsepol: use-after-free in cil_reset_classpermission()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36086

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libudev1 CVE-2018-16888 低危 232-25+deb9u12 systemd: kills privileged process if unprivileged PIDFile was tampered

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16888

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-01-14 22:29 修改: 2023-11-07 02:53
libudev1 CVE-2018-6954 低危 232-25+deb9u12 systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6954

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2018-02-13 20:29 修改: 2023-11-07 03:00
libsepol1 CVE-2021-36087 低危 2.6-2 libsepol: heap-based buffer overflow in ebitmap_match_any()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36087

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libuuid1 CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
bsdutils CVE-2021-37600 低危 1:2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
libsmartcols1 CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
login CVE-2018-7169 低危 1:4.4-4.1 shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7169

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2018-02-15 20:29 修改: 2019-10-03 00:03
gpgv CVE-2018-9234 低危 2.1.18-8~deb9u4 GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-9234

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2018-04-04 00:29 修改: 2019-02-27 19:37
mount CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
liblz4-1 CVE-2019-17543 低危 0.0~r131-2+b1 lz4: heap-based buffer overflow in LZ4_write32

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17543

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-10-14 02:15 修改: 2023-11-07 03:06
ncurses-base CVE-2018-19211 低危 6.0+20161126-1+deb9u2 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15
ncurses-base CVE-2019-17594 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13
ncurses-base CVE-2019-17595 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52
libfdisk1 CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
ncurses-bin CVE-2018-19211 低危 6.0+20161126-1+deb9u2 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15
ncurses-bin CVE-2019-17594 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13
ncurses-bin CVE-2019-17595 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52
libblkid1 CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
libmount1 CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
passwd CVE-2018-7169 低危 1:4.4-4.1 shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7169

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2018-02-15 20:29 修改: 2019-10-03 00:03
gpgv CVE-2019-14855 低危 2.1.18-8~deb9u4 gnupg2: OpenPGP Key Certification Forgeries with SHA-1

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14855

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2020-03-20 16:15 修改: 2022-11-08 02:28
libncursesw5 CVE-2018-19211 低危 6.0+20161126-1+deb9u2 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15
libsystemd0 CVE-2018-16888 低危 232-25+deb9u12 systemd: kills privileged process if unprivileged PIDFile was tampered

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16888

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-01-14 22:29 修改: 2023-11-07 02:53
util-linux CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
libsystemd0 CVE-2018-6954 低危 232-25+deb9u12 systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6954

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2018-02-13 20:29 修改: 2023-11-07 03:00
libncursesw5 CVE-2019-17594 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13
tzdata DLA-2963-1 未知 2020d-0+deb9u1 2021a-0+deb9u3 tzdata - new timezone database

漏洞详情:

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata DLA-3051-1 未知 2020d-0+deb9u1 2021a-0+deb9u4 tzdata - new timezone database

漏洞详情:

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
debian-archive-keyring DLA-2948-1 未知 2017.5+deb9u1 2017.5+deb9u2 debian-archive-keyring - security update

漏洞详情:

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata DLA-2509-1 未知 2020d-0+deb9u1 2020e-0+deb9u1 tzdata - new upstream version

漏洞详情:

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata DLA-2542-1 未知 2020d-0+deb9u1 2021a-0+deb9u1 tzdata - new upstream version

漏洞详情:

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata DLA-2797-1 未知 2020d-0+deb9u1 2021a-0+deb9u2 tzdata - new upstream version

漏洞详情:

镜像层: sha256:5537d2699b48e42941b0c938ad4efed4fb56976afd0c617a6d255b1e239a1c58

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
Node.js (node-pkg)
低危漏洞:3 中危漏洞:19 高危漏洞:31 严重漏洞:6
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
json-schema CVE-2021-3918 严重 0.2.3 0.4.0 nodejs-json-schema: Prototype pollution vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3918

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2021-11-13 09:15 修改: 2023-02-03 19:15
json-schema CVE-2021-3918 严重 0.2.3 0.4.0 nodejs-json-schema: Prototype pollution vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3918

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2021-11-13 09:15 修改: 2023-02-03 19:15
jsonpath-plus CVE-2024-21534 严重 0.19.0 10.0.0 jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21534

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2024-10-11 13:15 修改: 2024-10-20 12:15
minimist CVE-2021-44906 严重 1.2.5 1.2.6, 0.2.4 minimist: prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44906

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2022-03-17 16:15 修改: 2024-06-21 19:15
minimist CVE-2021-44906 严重 1.2.5 1.2.6, 0.2.4 minimist: prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44906

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2022-03-17 16:15 修改: 2024-06-21 19:15
underscore CVE-2021-23358 严重 1.10.2 1.12.1 nodejs-underscore: Arbitrary code execution via the template function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23358

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2021-03-29 14:15 修改: 2023-11-07 03:30
http-cache-semantics CVE-2022-25881 高危 4.1.0 4.1.1 http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25881

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2023-01-31 05:15 修改: 2023-11-07 03:44
ini CVE-2020-7788 高危 1.3.5 1.3.6 nodejs-ini: Prototype pollution via malicious INI file

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7788

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2020-12-11 11:15 修改: 2022-12-02 19:40
ip CVE-2024-29415 高危 1.1.5 node-ip: Incomplete fix for CVE-2023-42282

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
ip CVE-2024-29415 高危 1.1.5 node-ip: Incomplete fix for CVE-2023-42282

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
ansi-regex CVE-2021-3807 高危 3.0.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
ansi-regex CVE-2021-3807 高危 4.1.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
ansi-regex CVE-2021-3807 高危 4.1.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
luxon CVE-2023-22467 高危 1.25.0 1.28.1, 2.5.2, 3.2.1 luxon: Inefficient regular expression complexity in luxon.js

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22467

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2023-01-04 22:15 修改: 2024-02-12 04:15
minimatch CVE-2022-3517 高危 3.0.4 3.0.5 nodejs-minimatch: ReDoS via the braceExpand function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51
minimatch CVE-2022-3517 高危 3.0.4 3.0.5 nodejs-minimatch: ReDoS via the braceExpand function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51
ansi-regex CVE-2021-3807 高危 4.1.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
decode-uri-component CVE-2022-38900 高危 0.2.0 0.2.1 decode-uri-component: improper input validation resulting in DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38900

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2022-11-28 13:15 修改: 2023-11-07 03:50
normalize-url CVE-2021-33502 高危 4.5.0 4.5.1, 5.3.1, 6.0.1 nodejs-normalize-url: ReDoS for data URLs

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33502

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2021-05-24 16:15 修改: 2023-08-08 14:22
npm-user-validate CVE-2020-7754 高危 1.0.0 1.0.1 nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7754

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2020-10-27 15:15 修改: 2020-10-27 17:31
qs CVE-2022-24999 高危 6.5.2 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
qs CVE-2022-24999 高危 6.5.2 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
qs CVE-2022-24999 高危 6.9.4 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
semver CVE-2022-25883 高危 5.7.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 5.7.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
shelljs CVE-2022-0144 高危 0.8.4 0.8.5 nodejs-shelljs: improper privilege management

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0144

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2022-01-11 07:15 修改: 2022-02-09 14:17
ssri CVE-2021-27290 高危 6.0.1 6.0.2, 7.1.1, 8.0.1 nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27290

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2021-03-12 22:15 修改: 2022-05-13 20:51
tar CVE-2021-32803 高危 4.4.13 3.2.3, 4.4.15, 5.0.7, 6.1.2 nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32803

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2021-08-03 19:15 修改: 2022-07-02 18:28
tar CVE-2021-32804 高危 4.4.13 3.2.2, 4.4.14, 5.0.6, 6.1.1 nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32804

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2021-08-03 19:15 修改: 2022-04-25 19:12
tar CVE-2021-37701 高危 4.4.13 4.4.16, 5.0.8, 6.1.7 nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37701

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2021-08-31 17:15 修改: 2023-01-19 20:11
tar CVE-2021-37712 高危 4.4.13 4.4.18, 5.0.10, 6.1.9 nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37712

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2021-08-31 17:15 修改: 2023-02-23 02:28
tar CVE-2021-37713 高危 4.4.13 4.4.18, 5.0.10, 6.1.9 nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37713

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2021-08-31 17:15 修改: 2022-04-25 18:40
http-cache-semantics CVE-2022-25881 高危 3.8.1 4.1.1 http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25881

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2023-01-31 05:15 修改: 2023-11-07 03:44
ws CVE-2024-37890 高危 6.2.1 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
ws CVE-2024-37890 高危 7.3.1 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
y18n CVE-2020-7774 高危 4.0.0 3.2.2, 4.0.1, 5.0.5 nodejs-y18n: prototype pollution vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7774

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2020-11-17 13:15 修改: 2022-12-02 19:40
yarn CVE-2021-4435 高危 1.22.5 1.22.13 yarn: untrusted search path

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4435

镜像层: sha256:26aefe6c398e8441a7fcbe7dac58fbae7fd0ae5b4dc7f6f1b89ae1c9de484738

发布日期: 2024-02-04 20:15 修改: 2024-02-13 00:38
jose CVE-2022-36083 中危 1.27.2 1.28.2, 2.0.6, 3.20.4, 4.9.2 JOSE is "JSON Web Almost Everything" - JWA, JWS, JWE, JWT, JWK, JWKS w ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36083

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2022-09-07 22:15 修改: 2023-07-21 19:49
jose CVE-2024-28176 中危 1.27.2 4.15.5, 2.0.7 jose: resource exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28176

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2024-03-09 01:15 修改: 2024-03-30 04:15
shelljs GHSA-64g7-mvw6-v9qj 中危 0.8.4 0.8.5 Improper Privilege Management in shelljs

漏洞详情: https://github.com/advisories/GHSA-64g7-mvw6-v9qj

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
mongodb CVE-2021-32050 中危 3.6.3 3.6.10, 4.17.0, 5.8.0 Some MongoDB Drivers may erroneously publish events containing authent ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32050

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2023-08-29 16:15 修改: 2023-10-06 15:15
ajv CVE-2020-15366 中危 6.10.2 6.12.3 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15366

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2020-07-15 20:15 修改: 2024-06-21 19:15
ajv CVE-2020-15366 中危 5.5.2 6.12.3 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15366

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2020-07-15 20:15 修改: 2024-06-21 19:15
path-parse CVE-2021-23343 中危 1.0.6 1.0.7 nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23343

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2021-05-04 09:15 修改: 2023-11-07 03:30
path-parse CVE-2021-23343 中危 1.0.6 1.0.7 nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23343

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2021-05-04 09:15 修改: 2023-11-07 03:30
got CVE-2022-33987 中危 6.7.1 12.1.0, 11.8.5 nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-33987

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2022-06-18 21:15 修改: 2022-06-28 16:15
tar CVE-2024-28863 中危 4.4.13 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
tough-cookie CVE-2023-26136 中危 2.4.3 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
tough-cookie CVE-2023-26136 中危 2.5.0 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
got CVE-2022-33987 中危 9.6.0 12.1.0, 11.8.5 nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-33987

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2022-06-18 21:15 修改: 2022-06-28 16:15
hosted-git-info CVE-2021-23362 中危 2.8.8 2.8.9, 3.0.8 nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23362

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2021-03-23 17:15 修改: 2023-08-08 14:22
ws CVE-2021-32640 中危 6.2.1 7.4.6, 6.2.2, 5.2.3 nodejs-ws: Specially crafted value of the `Sec-Websocket-Protocol` header can be used to significantly slow down a ws server

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32640

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2021-05-25 19:15 修改: 2023-11-07 03:35
request CVE-2023-28155 中危 2.88.0 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15
ws CVE-2021-32640 中危 7.3.1 7.4.6, 6.2.2, 5.2.3 nodejs-ws: Specially crafted value of the `Sec-Websocket-Protocol` header can be used to significantly slow down a ws server

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32640

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2021-05-25 19:15 修改: 2023-11-07 03:35
request CVE-2023-28155 中危 2.88.2 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15
jose CVE-2021-29443 中危 1.27.2 1.28.1, 2.0.5, 3.11.4 Padding Oracle Attack due to Observable Timing Discrepancy in jose

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29443

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2021-04-16 18:15 修改: 2021-04-23 20:38
ip CVE-2023-42282 低危 1.1.5 2.0.1, 1.1.9 nodejs-ip: arbitrary code execution via the isPublic() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282

镜像层: sha256:63fd8902d512e0518cb2854ebeac51e48f8b1a15f9618a5e441aabf64308d984

发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14
ip CVE-2023-42282 低危 1.1.5 2.0.1, 1.1.9 nodejs-ip: arbitrary code execution via the isPublic() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14
npm-user-validate GHSA-xgh6-85xh-479p 低危 1.0.0 1.0.1 Regular Expression Denial of Service in npm-user-validate

漏洞详情: https://github.com/advisories/GHSA-xgh6-85xh-479p

镜像层: sha256:0de66caaa72b0dbb44482a5925754905086de9ca5679963eb84d783b38dae626

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00