docker.io/oneacrefund/superset-websocket:slim linux/amd64

docker.io/oneacrefund/superset-websocket:slim - Trivy安全扫描结果 扫描时间: 2026-06-18 09:18
全部漏洞信息
低危漏洞:7 中危漏洞:23 高危漏洞:33 严重漏洞:0

系统OS: alpine 3.16.2 扫描引擎: Trivy 扫描时间: 2026-06-18 09:18

docker.io/oneacrefund/superset-websocket:slim (alpine 3.16.2) (alpine)
低危漏洞:0 中危漏洞:14 高危漏洞:10 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libcrypto1.1 CVE-2022-4450 高危 1.1.1q-r0 1.1.1t-r0 openssl: double free after calling PEM_read_bio_ex

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libcrypto1.1 CVE-2023-0215 高危 1.1.1q-r0 1.1.1t-r0 openssl: use-after-free following BIO_new_NDEF

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libcrypto1.1 CVE-2023-0286 高危 1.1.1q-r0 1.1.1t-r0 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libcrypto1.1 CVE-2023-0464 高危 1.1.1q-r0 1.1.1t-r1 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-03-22 17:15 修改: 2025-05-05 16:15
libssl1.1 CVE-2022-4450 高危 1.1.1q-r0 1.1.1t-r0 openssl: double free after calling PEM_read_bio_ex

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1 CVE-2023-0215 高危 1.1.1q-r0 1.1.1t-r0 openssl: use-after-free following BIO_new_NDEF

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1 CVE-2023-0286 高危 1.1.1q-r0 1.1.1t-r0 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1 CVE-2023-0464 高危 1.1.1q-r0 1.1.1t-r1 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-03-22 17:15 修改: 2025-05-05 16:15
musl CVE-2025-26519 高危 1.2.3-r0 1.2.3-r4 musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26519

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2025-02-14 04:15 修改: 2025-12-10 20:03
musl-utils CVE-2025-26519 高危 1.2.3-r0 1.2.3-r4 musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26519

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2025-02-14 04:15 修改: 2025-12-10 20:03
libcrypto1.1 CVE-2023-5678 中危 1.1.1q-r0 1.1.1w-r1 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-11-06 16:15 修改: 2026-05-12 11:16
busybox CVE-2023-42366 中危 1.35.0-r17 1.35.0-r18 busybox: A heap-buffer-overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
libcrypto1.1 CVE-2022-4304 中危 1.1.1q-r0 1.1.1t-r0 openssl: timing attack in RSA Decryption implementation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libcrypto1.1 CVE-2023-0465 中危 1.1.1q-r0 1.1.1t-r2 openssl: Invalid certificate policies in leaf certificates are silently ignored

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-03-28 15:15 修改: 2025-02-18 21:15
libcrypto1.1 CVE-2023-2650 中危 1.1.1q-r0 1.1.1u-r0 openssl: Possible DoS translating ASN.1 object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-05-30 14:15 修改: 2025-03-19 16:15
libssl1.1 CVE-2022-4304 中危 1.1.1q-r0 1.1.1t-r0 openssl: timing attack in RSA Decryption implementation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1 CVE-2023-0465 中危 1.1.1q-r0 1.1.1t-r2 openssl: Invalid certificate policies in leaf certificates are silently ignored

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-03-28 15:15 修改: 2025-02-18 21:15
libssl1.1 CVE-2023-2650 中危 1.1.1q-r0 1.1.1u-r0 openssl: Possible DoS translating ASN.1 object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-05-30 14:15 修改: 2025-03-19 16:15
libssl1.1 CVE-2023-3446 中危 1.1.1q-r0 1.1.1u-r2 openssl: Excessive time spent checking DH keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-07-19 12:15 修改: 2025-04-23 17:16
libssl1.1 CVE-2023-3817 中危 1.1.1q-r0 1.1.1v-r0 OpenSSL: Excessive time spent checking DH q parameter value

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-07-31 16:15 修改: 2025-05-05 16:15
libssl1.1 CVE-2023-5678 中危 1.1.1q-r0 1.1.1w-r1 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-11-06 16:15 修改: 2026-05-12 11:16
libcrypto1.1 CVE-2023-3446 中危 1.1.1q-r0 1.1.1u-r2 openssl: Excessive time spent checking DH keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-07-19 12:15 修改: 2025-04-23 17:16
libcrypto1.1 CVE-2023-3817 中危 1.1.1q-r0 1.1.1v-r0 OpenSSL: Excessive time spent checking DH q parameter value

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-07-31 16:15 修改: 2025-05-05 16:15
ssl_client CVE-2023-42366 中危 1.35.0-r17 1.35.0-r18 busybox: A heap-buffer-overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366

镜像层: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
Node.js (node-pkg)
低危漏洞:7 中危漏洞:9 高危漏洞:23 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
http-cache-semantics CVE-2022-25881 高危 4.1.0 4.1.1 http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25881

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2023-01-31 05:15 修改: 2025-03-27 18:17
ip CVE-2024-29415 高危 2.0.0 node-ip: Incomplete fix for CVE-2023-42282

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2024-05-27 20:15 修改: 2026-04-15 00:35
jsonwebtoken CVE-2022-23539 高危 8.5.1 9.0.0 jsonwebtoken: Unrestricted key type could lead to legacy keys usagen

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23539

镜像层: sha256:888ca9093e3fb1566281f4c9cf46e72fced414d49af15c183f94434b9b3723e7

发布日期: 2022-12-23 00:15 修改: 2024-11-21 06:48
jws CVE-2025-65945 高危 3.2.2 3.2.3, 4.0.1 node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-65945

镜像层: sha256:888ca9093e3fb1566281f4c9cf46e72fced414d49af15c183f94434b9b3723e7

发布日期: 2025-12-04 19:16 修改: 2026-03-09 21:19
minimatch CVE-2026-26996 高危 3.1.2 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
minimatch CVE-2026-26996 高危 3.1.2 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
minimatch CVE-2026-27903 高危 3.1.2 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
minimatch CVE-2026-27903 高危 3.1.2 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
minimatch CVE-2026-27904 高危 3.1.2 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
minimatch CVE-2026-27904 高危 3.1.2 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
minimatch CVE-2026-26996 高危 5.1.0 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
minimatch CVE-2026-27903 高危 5.1.0 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
minimatch CVE-2026-27904 高危 5.1.0 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
semver CVE-2022-25883 高危 5.7.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:888ca9093e3fb1566281f4c9cf46e72fced414d49af15c183f94434b9b3723e7

发布日期: 2023-06-21 05:15 修改: 2025-09-23 15:05
semver CVE-2022-25883 高危 7.3.7 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2023-06-21 05:15 修改: 2025-09-23 15:05
tar CVE-2026-23745 高危 6.1.11 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-01-16 22:16 修改: 2026-02-18 16:20
tar CVE-2026-23950 高危 6.1.11 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-01-20 01:15 修改: 2026-02-18 15:50
tar CVE-2026-24842 高危 6.1.11 7.5.7 node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-01-28 01:16 修改: 2026-02-02 14:30
tar CVE-2026-26960 高危 6.1.11 7.5.8 node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-02-20 02:16 修改: 2026-02-20 19:24
tar CVE-2026-29786 高危 6.1.11 7.5.10 node-tar: hardlink path traversal via drive-relative linkpath

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-03-07 16:15 修改: 2026-03-11 21:50
tar CVE-2026-31802 高危 6.1.11 7.5.11 tar: tar: File overwrite via drive-relative symlink traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-03-10 07:44 修改: 2026-03-18 18:13
ws CVE-2024-37890 高危 8.2.3 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:888ca9093e3fb1566281f4c9cf46e72fced414d49af15c183f94434b9b3723e7

发布日期: 2024-06-17 20:15 修改: 2026-04-15 00:35
ws CVE-2026-48779 高危 8.2.3 5.2.5, 6.2.4, 7.5.11, 8.21.0 ws: Memory exhaustion DoS from tiny fragments and data chunks

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48779

镜像层: sha256:888ca9093e3fb1566281f4c9cf46e72fced414d49af15c183f94434b9b3723e7

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
brace-expansion CVE-2026-33750 中危 1.1.11 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
brace-expansion CVE-2026-33750 中危 1.1.11 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
brace-expansion CVE-2026-33750 中危 2.0.1 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
tar CVE-2024-28863 中危 6.1.11 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2024-03-21 23:15 修改: 2025-12-16 17:25
tar CVE-2026-53655 中危 6.1.11 7.5.16 node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
uuid CVE-2026-41907 中危 8.3.2 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41907

镜像层: sha256:888ca9093e3fb1566281f4c9cf46e72fced414d49af15c183f94434b9b3723e7

发布日期: 2026-04-24 19:17 修改: 2026-05-11 13:53
jsonwebtoken CVE-2022-23540 中危 8.5.1 9.0.0 jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23540

镜像层: sha256:888ca9093e3fb1566281f4c9cf46e72fced414d49af15c183f94434b9b3723e7

发布日期: 2022-12-22 19:15 修改: 2025-02-13 17:15
jsonwebtoken CVE-2022-23541 中危 8.5.1 9.0.0 jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23541

镜像层: sha256:888ca9093e3fb1566281f4c9cf46e72fced414d49af15c183f94434b9b3723e7

发布日期: 2022-12-22 18:15 修改: 2024-11-21 06:48
ws CVE-2026-45736 中危 8.2.3 8.20.1 ws is an open source WebSocket client and server for Node.js. Prior to ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45736

镜像层: sha256:888ca9093e3fb1566281f4c9cf46e72fced414d49af15c183f94434b9b3723e7

发布日期: 2026-05-15 15:16 修改: 2026-05-19 14:39
ip CVE-2023-42282 低危 2.0.0 2.0.1, 1.1.9 nodejs-ip: arbitrary code execution via the isPublic() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2024-02-08 17:15 修改: 2025-05-15 20:15
@tootallnate/once CVE-2026-3449 低危 2.0.0 3.0.1, 2.0.1 @tootallnate/once: @tootallnate/once: Denial of Service due to incorrect control flow scoping with AbortSignal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3449

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-03-03 05:17 修改: 2026-05-19 15:38
brace-expansion CVE-2025-5889 低危 2.0.1 2.0.2, 1.1.12, 3.0.1, 4.0.1 brace-expansion: juliangruber brace-expansion index.js expand redos

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5889

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2025-06-09 19:15 修改: 2026-04-29 01:00
cookie CVE-2024-47764 低危 0.5.0 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:888ca9093e3fb1566281f4c9cf46e72fced414d49af15c183f94434b9b3723e7

发布日期: 2024-10-04 20:15 修改: 2026-04-15 00:35
diff CVE-2026-24001 低危 5.1.0 8.0.3, 5.2.2, 4.0.4, 3.5.1 jsdiff: denial of service vulnerability in parsePatch and applyPatch

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24001

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2026-01-22 03:15 修改: 2026-03-04 15:23
brace-expansion CVE-2025-5889 低危 1.1.11 2.0.2, 1.1.12, 3.0.1, 4.0.1 brace-expansion: juliangruber brace-expansion index.js expand redos

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5889

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2025-06-09 19:15 修改: 2026-04-29 01:00
brace-expansion CVE-2025-5889 低危 1.1.11 2.0.2, 1.1.12, 3.0.1, 4.0.1 brace-expansion: juliangruber brace-expansion index.js expand redos

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5889

镜像层: sha256:11816ca779c7501d7f2ccb459418d09a0a94ee800dde60f03e710aec3ab3c0f4

发布日期: 2025-06-09 19:15 修改: 2026-04-29 01:00