docker.io/openmaptiles/generate-vectortiles:latest linux/amd64

docker.io/openmaptiles/generate-vectortiles:latest - Trivy安全扫描结果 扫描时间: 2024-11-27 18:01
全部漏洞信息
低危漏洞:59 中危漏洞:82 高危漏洞:156 严重漏洞:23

系统OS: debian 9.11 扫描引擎: Trivy 扫描时间: 2024-11-27 18:01

docker.io/openmaptiles/generate-vectortiles:latest (debian 9.11) (debian)
低危漏洞:55 中危漏洞:57 高危漏洞:117 严重漏洞:16
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
curl CVE-2019-5481 严重 7.52.1-5+deb9u9 7.52.1-5+deb9u10 curl: double free due to subsequent call of realloc()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5481

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-09-16 19:15 修改: 2023-11-07 03:11

curl CVE-2019-5482 严重 7.52.1-5+deb9u9 7.52.1-5+deb9u10 curl: heap buffer overflow in function tftp_receive_packet()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5482

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-09-16 19:15 修改: 2023-11-07 03:11

dpkg CVE-2022-1664 严重 1.18.25 1.18.26 Dpkg::Source::Archive in dpkg, the Debian package management system, b ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1664

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-05-26 14:15 修改: 2022-12-03 02:19

libbz2-1.0 CVE-2019-12900 严重 1.0.6-8.1 bzip2: out-of-bounds write in function BZ2_decompress

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-06-19 23:15 修改: 2023-11-07 03:03

libcurl3 CVE-2019-5481 严重 7.52.1-5+deb9u9 7.52.1-5+deb9u10 curl: double free due to subsequent call of realloc()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5481

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-09-16 19:15 修改: 2023-11-07 03:11

libcurl3 CVE-2019-5482 严重 7.52.1-5+deb9u9 7.52.1-5+deb9u10 curl: heap buffer overflow in function tftp_receive_packet()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5482

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-09-16 19:15 修改: 2023-11-07 03:11

libdb5.3 CVE-2019-8457 严重 5.3.28-12+deb9u1 sqlite: heap out-of-bound read in function rtreenode()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8457

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-05-30 16:29 修改: 2023-11-07 03:13

libidn11 CVE-2017-14062 严重 1.33-1 1.33-1+deb9u1 libidn2: Integer overflow in puny_decode.c/decode_digit

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-14062

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2017-08-31 16:29 修改: 2020-12-07 20:17

libldap-2.4-2 CVE-2022-29155 严重 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u9 openldap: OpenLDAP SQL injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29155

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-05-04 20:15 修改: 2022-10-06 15:56

libldap-common CVE-2022-29155 严重 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u9 openldap: OpenLDAP SQL injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29155

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-05-04 20:15 修改: 2022-10-06 15:56

liblz4-1 CVE-2021-3520 严重 0.0~r131-2+b1 0.0~r131-2+deb9u1 lz4: memory corruption due to an integer overflow bug caused by memmove argument

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3520

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-06-02 13:15 修改: 2024-06-06 20:25

libsqlite3-0 CVE-2019-8457 严重 3.16.2-5+deb9u1 sqlite: heap out-of-bound read in function rtreenode()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8457

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-05-30 16:29 修改: 2023-11-07 03:13

libssl1.1 CVE-2022-1292 严重 1.1.0l-1~deb9u1 1.1.0l-1~deb9u6 openssl: c_rehash script allows command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-05-03 16:15 修改: 2023-11-07 03:41

login CVE-2017-12424 严重 1:4.4-4.1 1:4.4-4.1+deb9u1 shadow-utils: Buffer overflow via newusers tool

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12424

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2017-08-04 09:29 修改: 2021-03-23 20:02

openssl CVE-2022-1292 严重 1.1.0l-1~deb9u1 1.1.0l-1~deb9u6 openssl: c_rehash script allows command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-05-03 16:15 修改: 2023-11-07 03:41

passwd CVE-2017-12424 严重 1:4.4-4.1 1:4.4-4.1+deb9u1 shadow-utils: Buffer overflow via newusers tool

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12424

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2017-08-04 09:29 修改: 2021-03-23 20:02

gpgv CVE-2018-1000858 高危 2.1.18-8~deb9u4 gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000858

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2018-12-20 17:29 修改: 2019-02-13 16:43

gzip CVE-2022-1271 高危 1.6-5+b1 1.6-5+deb9u1 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47

libblkid1 CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14

curl CVE-2019-5436 高危 7.52.1-5+deb9u9 7.52.1-5+deb9u10 curl: TFTP receive heap buffer overflow in tftp_receive_packet() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5436

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-05-28 19:29 修改: 2023-11-07 03:11

libcomerr2 CVE-2022-1304 高危 1.43.4-2+deb9u1 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15

curl CVE-2020-8177 高危 7.52.1-5+deb9u9 7.52.1-5+deb9u11 curl: Incorrect argument check can allow remote servers to overwrite local files

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8177

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04

curl CVE-2020-8231 高危 7.52.1-5+deb9u9 7.52.1-5+deb9u12 curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8231

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04

libcurl3 CVE-2019-5436 高危 7.52.1-5+deb9u9 7.52.1-5+deb9u10 curl: TFTP receive heap buffer overflow in tftp_receive_packet() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5436

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-05-28 19:29 修改: 2023-11-07 03:11

libcurl3 CVE-2020-8177 高危 7.52.1-5+deb9u9 7.52.1-5+deb9u11 curl: Incorrect argument check can allow remote servers to overwrite local files

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8177

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04

libcurl3 CVE-2020-8231 高危 7.52.1-5+deb9u9 7.52.1-5+deb9u12 curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8231

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04

libcurl3 CVE-2020-8285 高危 7.52.1-5+deb9u9 7.52.1-5+deb9u13 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8285

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47

libcurl3 CVE-2020-8286 高危 7.52.1-5+deb9u9 7.52.1-5+deb9u13 curl: Inferior OCSP verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8286

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47

libcurl3 CVE-2021-22946 高危 7.52.1-5+deb9u9 7.52.1-5+deb9u16 curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12

curl CVE-2020-8285 高危 7.52.1-5+deb9u9 7.52.1-5+deb9u13 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8285

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47

libfdisk1 CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14

libgcc1 CVE-2018-12886 高危 1:6.3.0-18+deb9u1 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-05-22 19:29 修改: 2020-08-24 17:37

libgcrypt20 CVE-2021-33560 高危 1.7.6-2+deb9u3 libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33560

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-06-08 11:15 修改: 2023-11-07 03:35

libgmp10 CVE-2021-43618 高危 2:6.1.2+dfsg-1 2:6.1.2+dfsg-1+deb9u1 gmp: Integer overflow and resultant buffer overflow via crafted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43618

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-11-15 04:15 修改: 2023-09-29 15:15

libgnutls30 CVE-2019-3829 高危 3.5.8-5+deb9u4 3.5.8-5+deb9u5 gnutls: use-after-free/double-free in certificate verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3829

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-03-27 18:29 修改: 2023-11-07 03:10

libgssapi-krb5-2 CVE-2020-28196 高危 1.15-1+deb9u1 1.15-1+deb9u2 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21

libhogweed4 CVE-2021-20305 高危 3.3-1+b2 3.3-1+deb9u1 nettle: Out of bounds memory access in signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20305

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-04-05 22:15 修改: 2023-11-07 03:29

libhogweed4 CVE-2021-3580 高危 3.3-1+b2 3.3-1+deb9u1 nettle: Remote crash in RSA decryption via manipulated ciphertext

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3580

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-05 21:15 修改: 2024-01-16 15:15

curl CVE-2020-8286 高危 7.52.1-5+deb9u9 7.52.1-5+deb9u13 curl: Inferior OCSP verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8286

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47

libk5crypto3 CVE-2020-28196 高危 1.15-1+deb9u1 1.15-1+deb9u2 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21

libkrb5-3 CVE-2020-28196 高危 1.15-1+deb9u1 1.15-1+deb9u2 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21

libkrb5support0 CVE-2020-28196 高危 1.15-1+deb9u1 1.15-1+deb9u2 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21

curl CVE-2021-22946 高危 7.52.1-5+deb9u9 7.52.1-5+deb9u16 curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12

libldap-2.4-2 CVE-2020-12243 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u4 openldap: denial of service via nested boolean expressions in LDAP search filters

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12243

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-04-28 19:15 修改: 2022-04-29 13:24

libldap-2.4-2 CVE-2020-25692 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u5 openldap: NULL pointer dereference for unauthenticated packet in slapd

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25692

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-08 01:15 修改: 2022-10-12 14:27

libldap-2.4-2 CVE-2020-25709 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u6 openldap: assertion failure in Certificate List syntax validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25709

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-05-18 12:15 修改: 2023-11-07 03:20

libldap-2.4-2 CVE-2020-25710 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u6 openldap: assertion failure in CSN normalization with invalid input

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25710

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-05-28 11:15 修改: 2023-11-07 03:20

libldap-2.4-2 CVE-2020-36221 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Integer underflow in serialNumberAndIssuerCheck in schema_init.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36221

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-2.4-2 CVE-2020-36222 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Assertion failure in slapd in the saslAuthzTo validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36222

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-2.4-2 CVE-2020-36223 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Out-of-bounds read in Values Return Filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36223

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-2.4-2 CVE-2020-36224 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Invalid pointer free in the saslAuthzTo processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36224

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-2.4-2 CVE-2020-36225 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Double free in the saslAuthzTo processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36225

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-2.4-2 CVE-2020-36226 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Denial of service via length miscalculation in slap_parse_user

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36226

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-2.4-2 CVE-2020-36227 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Infinite loop in slapd with the cancel_extop Cancel operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36227

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-2.4-2 CVE-2020-36228 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Integer underflow in issuerAndThisUpdateCheck in schema_init.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36228

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-2.4-2 CVE-2020-36229 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Type confusion in ad_keystring in ad.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36229

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-2.4-2 CVE-2020-36230 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Assertion failure in ber_next_element in decode.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36230

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-2.4-2 CVE-2021-27212 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u8 openldap: Assertion failure in slapd in the issuerAndThisUpdateCheck function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27212

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-02-14 03:15 修改: 2023-11-07 03:31

dirmngr CVE-2018-1000858 高危 2.1.18-8~deb9u4 gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000858

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-12-20 17:29 修改: 2019-02-13 16:43

libldap-common CVE-2020-12243 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u4 openldap: denial of service via nested boolean expressions in LDAP search filters

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12243

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-04-28 19:15 修改: 2022-04-29 13:24

libldap-common CVE-2020-25692 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u5 openldap: NULL pointer dereference for unauthenticated packet in slapd

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25692

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-08 01:15 修改: 2022-10-12 14:27

libldap-common CVE-2020-25709 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u6 openldap: assertion failure in Certificate List syntax validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25709

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-05-18 12:15 修改: 2023-11-07 03:20

libldap-common CVE-2020-25710 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u6 openldap: assertion failure in CSN normalization with invalid input

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25710

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-05-28 11:15 修改: 2023-11-07 03:20

libldap-common CVE-2020-36221 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Integer underflow in serialNumberAndIssuerCheck in schema_init.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36221

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-common CVE-2020-36222 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Assertion failure in slapd in the saslAuthzTo validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36222

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-common CVE-2020-36223 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Out-of-bounds read in Values Return Filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36223

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-common CVE-2020-36224 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Invalid pointer free in the saslAuthzTo processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36224

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-common CVE-2020-36225 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Double free in the saslAuthzTo processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36225

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-common CVE-2020-36226 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Denial of service via length miscalculation in slap_parse_user

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36226

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-common CVE-2020-36227 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Infinite loop in slapd with the cancel_extop Cancel operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36227

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-common CVE-2020-36228 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Integer underflow in issuerAndThisUpdateCheck in schema_init.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36228

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-common CVE-2020-36229 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Type confusion in ad_keystring in ad.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36229

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-common CVE-2020-36230 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u7 openldap: Assertion failure in ber_next_element in decode.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36230

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22

libldap-common CVE-2021-27212 高危 2.4.44+dfsg-5+deb9u3 2.4.44+dfsg-5+deb9u8 openldap: Assertion failure in slapd in the issuerAndThisUpdateCheck function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27212

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-02-14 03:15 修改: 2023-11-07 03:31

bsdutils CVE-2016-2779 高危 1:2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14

liblzma5 CVE-2022-1271 高危 5.2.2-1.2+b1 5.2.2-1.2+deb9u1 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47

libmount1 CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14

libncursesw5 CVE-2022-29458 高危 6.0+20161126-1+deb9u2 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46

libnettle6 CVE-2021-20305 高危 3.3-1+b2 3.3-1+deb9u1 nettle: Out of bounds memory access in signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20305

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-04-05 22:15 修改: 2023-11-07 03:29

libnettle6 CVE-2021-3580 高危 3.3-1+b2 3.3-1+deb9u1 nettle: Remote crash in RSA decryption via manipulated ciphertext

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3580

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-05 21:15 修改: 2024-01-16 15:15

libnghttp2-14 CVE-2018-1000168 高危 1.18.1-1+deb9u1 1.18.1-1+deb9u2 nghttp2: Null pointer dereference when too large ALTSVC frame is received

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000168

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-05-08 15:29 修改: 2022-08-16 13:01

libnghttp2-14 CVE-2020-11080 高危 1.18.1-1+deb9u1 1.18.1-1+deb9u2 nghttp2: overly large SETTINGS frames can lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11080

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-06-03 23:15 修改: 2023-11-07 03:14

libp11-kit0 CVE-2020-29361 高危 0.23.3-2 0.23.3-2+deb9u1 p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29361

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-16 14:15 修改: 2023-11-07 03:21

libsasl2-2 CVE-2022-24407 高危 2.1.27~101-g0780600+dfsg-3+deb9u1 2.1.27~101-g0780600+dfsg-3+deb9u2 cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24407

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-02-24 15:15 修改: 2023-11-07 03:44

libsasl2-modules-db CVE-2022-24407 高危 2.1.27~101-g0780600+dfsg-3+deb9u1 2.1.27~101-g0780600+dfsg-3+deb9u2 cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24407

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-02-24 15:15 修改: 2023-11-07 03:44

libsmartcols1 CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14

e2fslibs CVE-2022-1304 高危 1.43.4-2+deb9u1 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15

libsqlite3-0 CVE-2018-20346 高危 3.16.2-5+deb9u1 3.16.2-5+deb9u2 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan)

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20346

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-12-21 21:29 修改: 2023-11-07 02:56

libsqlite3-0 CVE-2018-20506 高危 3.16.2-5+deb9u1 3.16.2-5+deb9u2 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan)

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20506

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-04-03 18:29 修改: 2021-07-31 08:15

libsqlite3-0 CVE-2018-8740 高危 3.16.2-5+deb9u1 3.16.2-5+deb9u2 sqlite: NULL pointer dereference with databases with schema corrupted with CREATE TABLE AS allows for denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-8740

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-03-17 00:29 修改: 2023-11-07 03:01

libsqlite3-0 CVE-2019-20218 高危 3.16.2-5+deb9u1 3.16.2-5+deb9u3 sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20218

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-01-02 14:16 修改: 2022-10-07 17:56

libsqlite3-0 CVE-2019-5827 高危 3.16.2-5+deb9u1 3.16.2-5+deb9u2 sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5827

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-06-27 17:15 修改: 2023-11-07 03:12

libsqlite3-0 CVE-2019-9936 高危 3.16.2-5+deb9u1 3.16.2-5+deb9u2 sqlite: heap-based buffer over-read in function fts5HashEntrySort in sqlite3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9936

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-03-22 08:29 修改: 2023-11-07 03:13

libsqlite3-0 CVE-2019-9937 高危 3.16.2-5+deb9u1 3.16.2-5+deb9u2 sqlite: null-pointer dereference in function fts5ChunkIterate in sqlite3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9937

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-03-22 08:29 修改: 2023-11-07 03:13

libsqlite3-0 CVE-2020-11655 高危 3.16.2-5+deb9u1 3.16.2-5+deb9u2 sqlite: malformed window-function query leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11655

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-04-09 03:15 修改: 2022-04-08 10:34

libsqlite3-0 CVE-2020-13630 高危 3.16.2-5+deb9u1 3.16.2-5+deb9u2 sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13630

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-05-27 15:15 修改: 2023-11-07 03:16

libsqlite3-0 CVE-2020-13871 高危 3.16.2-5+deb9u1 3.16.2-5+deb9u2 sqlite: use-after-free in resetAccumulator in select.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13871

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-06-06 16:15 修改: 2023-11-07 03:16

libss2 CVE-2022-1304 高危 1.43.4-2+deb9u1 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15

libssh2-1 CVE-2019-13115 高危 1.7.0-1+deb9u1 1.7.0-1+deb9u2 libssh2: integer overflow in kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c leads to out-of-bounds write

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13115

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-07-16 18:15 修改: 2023-11-07 03:03

libssh2-1 CVE-2019-17498 高危 1.7.0-1+deb9u1 1.7.0-1+deb9u2 libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17498

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-10-21 22:15 修改: 2023-11-07 03:06

libssl1.0.2 CVE-2021-23840 高危 1.0.2u-1~deb9u1 1.0.2u-1~deb9u4 openssl: integer overflow in CipherUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

libssl1.0.2 CVE-2021-3712 高危 1.0.2u-1~deb9u1 1.0.2u-1~deb9u6 openssl: Read buffer overruns processing ASN.1 strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15

libssl1.0.2 CVE-2022-0778 高危 1.0.2u-1~deb9u1 1.0.2u-1~deb9u7 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15

e2fsprogs CVE-2022-1304 高危 1.43.4-2+deb9u1 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15

libssl1.1 CVE-2021-23840 高危 1.1.0l-1~deb9u1 1.1.0l-1~deb9u3 openssl: integer overflow in CipherUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

libssl1.1 CVE-2021-3712 高危 1.1.0l-1~deb9u1 1.1.0l-1~deb9u4 openssl: Read buffer overruns processing ASN.1 strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15

libssl1.1 CVE-2022-0778 高危 1.1.0l-1~deb9u1 1.1.0l-1~deb9u5 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15

libstdc++6 CVE-2018-12886 高危 6.3.0-18+deb9u1 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-05-22 19:29 修改: 2020-08-24 17:37

libsystemd0 CVE-2019-3843 高危 232-25+deb9u12 systemd: services with DynamicUser can create SUID/SGID binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10

libsystemd0 CVE-2019-3844 高危 232-25+deb9u12 systemd: services with DynamicUser can get new privileges and create SGID binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10

libsystemd0 CVE-2020-1712 高危 232-25+deb9u12 232-25+deb9u14 systemd: use-after-free when asynchronous polkit queries are performed

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1712

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-03-31 17:15 修改: 2023-11-07 03:19

libtinfo5 CVE-2022-29458 高危 6.0+20161126-1+deb9u2 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46

libudev1 CVE-2019-3843 高危 232-25+deb9u12 systemd: services with DynamicUser can create SUID/SGID binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10

libudev1 CVE-2019-3844 高危 232-25+deb9u12 systemd: services with DynamicUser can get new privileges and create SGID binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10

libudev1 CVE-2020-1712 高危 232-25+deb9u12 232-25+deb9u14 systemd: use-after-free when asynchronous polkit queries are performed

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1712

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-03-31 17:15 修改: 2023-11-07 03:19

libuuid1 CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14

gcc-6-base CVE-2018-12886 高危 6.3.0-18+deb9u1 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-05-22 19:29 修改: 2020-08-24 17:37

login CVE-2017-20002 高危 1:4.4-4.1 1:4.4-4.1+deb9u1 The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20002

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-03-17 06:15 修改: 2021-06-07 14:58

mount CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14

ncurses-base CVE-2022-29458 高危 6.0+20161126-1+deb9u2 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46

ncurses-bin CVE-2022-29458 高危 6.0+20161126-1+deb9u2 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46

gnupg CVE-2018-1000858 高危 2.1.18-8~deb9u4 gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000858

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-12-20 17:29 修改: 2019-02-13 16:43

openssl CVE-2021-23840 高危 1.1.0l-1~deb9u1 1.1.0l-1~deb9u3 openssl: integer overflow in CipherUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

openssl CVE-2021-3712 高危 1.1.0l-1~deb9u1 1.1.0l-1~deb9u4 openssl: Read buffer overruns processing ASN.1 strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15

openssl CVE-2022-0778 高危 1.1.0l-1~deb9u1 1.1.0l-1~deb9u5 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15

gnupg-agent CVE-2018-1000858 高危 2.1.18-8~deb9u4 gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000858

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-12-20 17:29 修改: 2019-02-13 16:43

passwd CVE-2017-20002 高危 1:4.4-4.1 1:4.4-4.1+deb9u1 The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20002

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-03-17 06:15 修改: 2021-06-07 14:58

perl-base CVE-2020-10543 高危 5.24.1-3+deb9u5 5.24.1-3+deb9u7 perl: heap-based buffer overflow in regular expression compiler leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10543

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-06-05 14:15 修改: 2023-11-07 03:14

perl-base CVE-2020-10878 高危 5.24.1-3+deb9u5 5.24.1-3+deb9u7 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10878

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-06-05 14:15 修改: 2023-11-07 03:14

perl-base CVE-2020-12723 高危 5.24.1-3+deb9u5 5.24.1-3+deb9u7 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12723

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-06-05 15:15 修改: 2023-11-07 03:15

perl-base CVE-2020-16156 高危 5.24.1-3+deb9u5 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-12-13 18:15 修改: 2023-11-07 03:18

util-linux CVE-2016-2779 高危 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14

zlib1g CVE-2018-25032 高危 1:1.2.8.dfsg-5 1:1.2.8.dfsg-5+deb9u1 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-03-25 09:15 修改: 2023-11-07 02:56

libsqlite3-0 CVE-2019-19645 中危 3.16.2-5+deb9u1 sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19645

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-12-09 16:15 修改: 2022-04-15 16:14

libsqlite3-0 CVE-2020-13434 中危 3.16.2-5+deb9u1 3.16.2-5+deb9u2 sqlite: integer overflow in sqlite3_str_vappendf function in printf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13434

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-05-24 22:15 修改: 2023-11-07 03:16

libsqlite3-0 CVE-2020-13631 中危 3.16.2-5+deb9u1 sqlite: Virtual table can be renamed into the name of one of its shadow tables

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13631

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-05-27 15:15 修改: 2023-11-07 03:16

libsqlite3-0 CVE-2020-13632 中危 3.16.2-5+deb9u1 3.16.2-5+deb9u2 sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13632

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-05-27 15:15 修改: 2023-11-07 03:16

libkrb5-3 CVE-2018-20217 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: Reachable assertion in the KDC using S4U2Self requests

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20217

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-12-26 21:29 修改: 2023-11-07 02:56

libss2 CVE-2019-5188 中危 1.43.4-2+deb9u1 1.43.4-2+deb9u2 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5188

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-01-08 16:15 修改: 2023-11-07 03:11

libkrb5-3 CVE-2018-5710 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5710

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58

libkrb5-3 CVE-2018-5729 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5729

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:52

libkrb5-3 CVE-2021-37750 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37

curl CVE-2021-22876 中危 7.52.1-5+deb9u9 7.52.1-5+deb9u14 curl: Leak of authentication credentials in URL via automatic Referer

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22876

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-04-01 18:15 修改: 2024-03-27 15:47

libkrb5support0 CVE-2018-20217 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: Reachable assertion in the KDC using S4U2Self requests

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20217

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-12-26 21:29 修改: 2023-11-07 02:56

libssl1.0.2 CVE-2020-1971 中危 1.0.2u-1~deb9u1 1.0.2u-1~deb9u3 openssl: EDIPARTYNAME NULL pointer de-reference

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1971

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-08 16:15 修改: 2024-06-21 19:15

libssl1.0.2 CVE-2021-23841 中危 1.0.2u-1~deb9u1 1.0.2u-1~deb9u4 openssl: NULL pointer dereference in X509_issuer_and_serial_hash()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

libkrb5support0 CVE-2018-5710 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5710

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58

libkrb5support0 CVE-2018-5729 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5729

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:52

libkrb5support0 CVE-2021-37750 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37

e2fslibs CVE-2019-5188 中危 1.43.4-2+deb9u1 1.43.4-2+deb9u2 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5188

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-01-08 16:15 修改: 2023-11-07 03:11

libssl1.1 CVE-2019-1551 中危 1.1.0l-1~deb9u1 1.1.0l-1~deb9u5 openssl: Integer overflow in RSAZ modular exponentiation on x86_64

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1551

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-12-06 18:15 修改: 2023-11-07 03:08

libssl1.1 CVE-2020-1971 中危 1.1.0l-1~deb9u1 1.1.0l-1~deb9u2 openssl: EDIPARTYNAME NULL pointer de-reference

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1971

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-08 16:15 修改: 2024-06-21 19:15

libssl1.1 CVE-2021-23841 中危 1.1.0l-1~deb9u1 1.1.0l-1~deb9u3 openssl: NULL pointer dereference in X509_issuer_and_serial_hash()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

libssl1.1 CVE-2021-4160 中危 1.1.0l-1~deb9u1 openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4160

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-01-28 22:15 修改: 2024-06-21 19:15

curl CVE-2021-22947 中危 7.52.1-5+deb9u9 7.52.1-5+deb9u16 curl: Server responses received before STARTTLS processed after TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03

libgcrypt20 CVE-2019-13627 中危 1.7.6-2+deb9u3 libgcrypt: ECDSA timing attack allowing private key leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13627

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-09-25 15:15 修改: 2021-07-21 11:39

libgcrypt20 CVE-2021-40528 中危 1.7.6-2+deb9u3 1.7.6-2+deb9u4 libgcrypt: ElGamal implementation allows plaintext recovery

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40528

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-09-06 19:15 修改: 2023-11-07 03:38

libapt-pkg5.0 CVE-2020-27350 中危 1.4.9 1.4.11 APT had several integer overflows and underflows while parsing .deb pa ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27350

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-12-10 04:15 修改: 2022-10-29 02:41

libsystemd0 CVE-2021-33910 中危 232-25+deb9u12 232-25+deb9u13 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35

libsystemd0 CVE-2021-3997 中危 232-25+deb9u12 systemd: Uncontrolled recursion in systemd-tmpfiles when removing files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15

libapt-pkg5.0 CVE-2020-3810 中危 1.4.9 1.4.10 Missing input validation in the ar/tar implementations of APT before v ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-3810

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-05-15 14:15 修改: 2023-11-07 03:23

libnettle6 CVE-2018-16869 中危 3.3-1+b2 nettle: Leaky data conversion exposing a manager oracle

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16869

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-12-03 14:29 修改: 2023-02-03 14:25

libgnutls30 CVE-2018-16868 中危 3.5.8-5+deb9u4 gnutls: Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16868

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-12-03 14:29 修改: 2022-11-30 21:20

libgnutls30 CVE-2021-4209 中危 3.5.8-5+deb9u4 GnuTLS: Null pointer dereference in MD_UPDATE

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4209

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-08-24 16:15 修改: 2022-10-27 16:57

libudev1 CVE-2021-33910 中危 232-25+deb9u12 232-25+deb9u13 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35

libudev1 CVE-2021-3997 中危 232-25+deb9u12 systemd: Uncontrolled recursion in systemd-tmpfiles when removing files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15

e2fsprogs CVE-2019-5188 中危 1.43.4-2+deb9u1 1.43.4-2+deb9u2 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5188

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-01-08 16:15 修改: 2023-11-07 03:11

libp11-kit0 CVE-2020-29362 中危 0.23.3-2 0.23.3-2+deb9u1 p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29362

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-16 14:15 修改: 2021-01-11 16:50

libpcre3 CVE-2020-14155 中危 2:8.39-3 pcre: Integer overflow when parsing callout numeric arguments

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14155

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-06-15 17:15 修改: 2024-03-27 16:04

libgssapi-krb5-2 CVE-2018-20217 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: Reachable assertion in the KDC using S4U2Self requests

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20217

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-12-26 21:29 修改: 2023-11-07 02:56

libgssapi-krb5-2 CVE-2018-5710 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5710

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58

libgssapi-krb5-2 CVE-2018-5729 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5729

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:52

libgssapi-krb5-2 CVE-2021-37750 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37

apt CVE-2020-3810 中危 1.4.9 1.4.10 Missing input validation in the ar/tar implementations of APT before v ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-3810

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-05-15 14:15 修改: 2023-11-07 03:23

apt CVE-2020-27350 中危 1.4.9 1.4.11 APT had several integer overflows and underflows while parsing .deb pa ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27350

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-12-10 04:15 修改: 2022-10-29 02:41

libhogweed4 CVE-2018-16869 中危 3.3-1+b2 nettle: Leaky data conversion exposing a manager oracle

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16869

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-12-03 14:29 修改: 2023-02-03 14:25

openssl CVE-2019-1551 中危 1.1.0l-1~deb9u1 1.1.0l-1~deb9u5 openssl: Integer overflow in RSAZ modular exponentiation on x86_64

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1551

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-12-06 18:15 修改: 2023-11-07 03:08

openssl CVE-2020-1971 中危 1.1.0l-1~deb9u1 1.1.0l-1~deb9u2 openssl: EDIPARTYNAME NULL pointer de-reference

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1971

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-08 16:15 修改: 2024-06-21 19:15

openssl CVE-2021-23841 中危 1.1.0l-1~deb9u1 1.1.0l-1~deb9u3 openssl: NULL pointer dereference in X509_issuer_and_serial_hash()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

openssl CVE-2021-4160 中危 1.1.0l-1~deb9u1 openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4160

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-01-28 22:15 修改: 2024-06-21 19:15

libcurl3 CVE-2021-22876 中危 7.52.1-5+deb9u9 7.52.1-5+deb9u14 curl: Leak of authentication credentials in URL via automatic Referer

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22876

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-04-01 18:15 修改: 2024-03-27 15:47

libcurl3 CVE-2021-22947 中危 7.52.1-5+deb9u9 7.52.1-5+deb9u16 curl: Server responses received before STARTTLS processed after TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03

libk5crypto3 CVE-2018-20217 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: Reachable assertion in the KDC using S4U2Self requests

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20217

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-12-26 21:29 修改: 2023-11-07 02:56

libk5crypto3 CVE-2018-5710 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5710

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58

libk5crypto3 CVE-2018-5729 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5729

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:52

libk5crypto3 CVE-2021-37750 中危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37

tar CVE-2018-20482 中危 1.29b-1.1 1.29b-1.1+deb9u1 tar: Infinite read loop in sparse_dump_region function in sparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20482

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2018-12-26 18:29 修改: 2021-11-30 19:52

libcomerr2 CVE-2019-5188 中危 1.43.4-2+deb9u1 1.43.4-2+deb9u2 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5188

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-01-08 16:15 修改: 2023-11-07 03:11

wget CVE-2021-31879 中危 1.18-5+deb9u3 wget: authorization header disclosure on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-04-29 05:15 修改: 2022-05-13 20:52

libsqlite3-0 CVE-2019-16168 中危 3.16.2-5+deb9u1 3.16.2-5+deb9u2 sqlite: Division by zero in whereLoopAddBtreeIndex in sqlite3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16168

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2019-09-09 17:15 修改: 2023-11-07 03:05

libsepol1 CVE-2021-36086 低危 2.6-2 libsepol: use-after-free in cil_reset_classpermission()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36086

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36

libsepol1 CVE-2021-36087 低危 2.6-2 libsepol: heap-based buffer overflow in ebitmap_match_any()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36087

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36

bsdutils CVE-2021-37600 低危 1:2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15

libsmartcols1 CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15

dirmngr CVE-2018-9234 低危 2.1.18-8~deb9u4 GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-9234

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-04-04 00:29 修改: 2019-02-27 19:37

libcurl3 CVE-2020-8284 低危 7.52.1-5+deb9u9 7.52.1-5+deb9u13 curl: FTP PASV command response can cause curl to connect to arbitrary host

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8284

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-14 20:15 修改: 2024-04-08 22:50

libgssapi-krb5-2 CVE-2017-11462 低危 1.15-1+deb9u1 krb5: Automatic sec context deletion could lead to double-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11462

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2017-09-13 16:29 修改: 2023-11-07 02:38

libsystemd0 CVE-2018-16888 低危 232-25+deb9u12 systemd: kills privileged process if unprivileged PIDFile was tampered

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16888

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-01-14 22:29 修改: 2023-11-07 02:53

libsystemd0 CVE-2018-6954 低危 232-25+deb9u12 systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6954

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2018-02-13 20:29 修改: 2023-11-07 03:00

libkrb5support0 CVE-2017-11462 低危 1.15-1+deb9u1 krb5: Automatic sec context deletion could lead to double-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11462

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2017-09-13 16:29 修改: 2023-11-07 02:38

libtinfo5 CVE-2018-19211 低危 6.0+20161126-1+deb9u2 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15

libtinfo5 CVE-2019-17594 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13

libtinfo5 CVE-2019-17595 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52

libkrb5support0 CVE-2018-5730 低危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: DN container check bypass by supplying special crafted data

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5730

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:53

libgssapi-krb5-2 CVE-2018-5730 低危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: DN container check bypass by supplying special crafted data

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5730

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:53

libcurl3 CVE-2021-22898 低危 7.52.1-5+deb9u9 7.52.1-5+deb9u15 curl: TELNET stack contents disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22898

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-06-11 16:15 修改: 2024-03-27 15:47

libcurl3 CVE-2021-22924 低危 7.52.1-5+deb9u9 7.52.1-5+deb9u15 curl: Bad connection reuse due to flawed path name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22924

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

libblkid1 CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15

libudev1 CVE-2018-16888 低危 232-25+deb9u12 systemd: kills privileged process if unprivileged PIDFile was tampered

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16888

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-01-14 22:29 修改: 2023-11-07 02:53

libudev1 CVE-2018-6954 低危 232-25+deb9u12 systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6954

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2018-02-13 20:29 修改: 2023-11-07 03:00

dirmngr CVE-2019-14855 低危 2.1.18-8~deb9u4 gnupg2: OpenPGP Key Certification Forgeries with SHA-1

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14855

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-03-20 16:15 修改: 2022-11-08 02:28

libuuid1 CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15

libfdisk1 CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15

gnupg CVE-2018-9234 低危 2.1.18-8~deb9u4 GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-9234

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-04-04 00:29 修改: 2019-02-27 19:37

login CVE-2018-7169 低危 1:4.4-4.1 shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7169

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2018-02-15 20:29 修改: 2019-10-03 00:03

liblz4-1 CVE-2019-17543 低危 0.0~r131-2+b1 lz4: heap-based buffer overflow in LZ4_write32

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17543

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-10-14 02:15 修改: 2023-11-07 03:06

mount CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15

gnupg CVE-2019-14855 低危 2.1.18-8~deb9u4 gnupg2: OpenPGP Key Certification Forgeries with SHA-1

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14855

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-03-20 16:15 修改: 2022-11-08 02:28

ncurses-base CVE-2018-19211 低危 6.0+20161126-1+deb9u2 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15

ncurses-base CVE-2019-17594 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13

ncurses-base CVE-2019-17595 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52

coreutils CVE-2016-2781 低危 8.26-3 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32

ncurses-bin CVE-2018-19211 低危 6.0+20161126-1+deb9u2 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15

ncurses-bin CVE-2019-17594 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13

ncurses-bin CVE-2019-17595 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52

libmount1 CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15

gnupg-agent CVE-2018-9234 低危 2.1.18-8~deb9u4 GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-9234

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-04-04 00:29 修改: 2019-02-27 19:37

libncursesw5 CVE-2018-19211 低危 6.0+20161126-1+deb9u2 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15

libncursesw5 CVE-2019-17594 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13

libncursesw5 CVE-2019-17595 低危 6.0+20161126-1+deb9u2 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52

libk5crypto3 CVE-2017-11462 低危 1.15-1+deb9u1 krb5: Automatic sec context deletion could lead to double-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11462

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2017-09-13 16:29 修改: 2023-11-07 02:38

libk5crypto3 CVE-2018-5730 低危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: DN container check bypass by supplying special crafted data

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5730

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:53

gnupg-agent CVE-2019-14855 低危 2.1.18-8~deb9u4 gnupg2: OpenPGP Key Certification Forgeries with SHA-1

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14855

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-03-20 16:15 修改: 2022-11-08 02:28

curl CVE-2020-8284 低危 7.52.1-5+deb9u9 7.52.1-5+deb9u13 curl: FTP PASV command response can cause curl to connect to arbitrary host

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8284

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-14 20:15 修改: 2024-04-08 22:50

gpgv CVE-2018-9234 低危 2.1.18-8~deb9u4 GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-9234

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2018-04-04 00:29 修改: 2019-02-27 19:37

passwd CVE-2018-7169 低危 1:4.4-4.1 shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7169

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2018-02-15 20:29 修改: 2019-10-03 00:03

libssl1.0.2 CVE-2020-1968 低危 1.0.2u-1~deb9u1 1.0.2u-1~deb9u2 openssl: Information exposure when DH secret are reused across multiple TLS connections

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1968

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-09-09 14:15 修改: 2022-11-21 19:48

gpgv CVE-2019-14855 低危 2.1.18-8~deb9u4 gnupg2: OpenPGP Key Certification Forgeries with SHA-1

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14855

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2020-03-20 16:15 修改: 2022-11-08 02:28

curl CVE-2021-22898 低危 7.52.1-5+deb9u9 7.52.1-5+deb9u15 curl: TELNET stack contents disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22898

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-06-11 16:15 修改: 2024-03-27 15:47

libkrb5-3 CVE-2017-11462 低危 1.15-1+deb9u1 krb5: Automatic sec context deletion could lead to double-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11462

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2017-09-13 16:29 修改: 2023-11-07 02:38

libkrb5-3 CVE-2018-5730 低危 1.15-1+deb9u1 1.15-1+deb9u3 krb5: DN container check bypass by supplying special crafted data

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5730

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:53

curl CVE-2021-22924 低危 7.52.1-5+deb9u9 7.52.1-5+deb9u15 curl: Bad connection reuse due to flawed path name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22924

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

util-linux CVE-2021-37600 低危 2.29.2-1+deb9u1 util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15

libsepol1 CVE-2021-36084 低危 2.6-2 libsepol: use-after-free in __cil_verify_classperms()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36084

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36

libsepol1 CVE-2021-36085 低危 2.6-2 libsepol: use-after-free in __cil_verify_classperms()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36085

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36

tzdata DLA-2424-1 未知 2019c-0+deb9u1 2020d-0+deb9u1 tzdata - new upstream version

漏洞详情:

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

tzdata DLA-2509-1 未知 2019c-0+deb9u1 2020e-0+deb9u1 tzdata - new upstream version

漏洞详情:

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

tzdata DLA-2542-1 未知 2019c-0+deb9u1 2021a-0+deb9u1 tzdata - new upstream version

漏洞详情:

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

tzdata DLA-2797-1 未知 2019c-0+deb9u1 2021a-0+deb9u2 tzdata - new upstream version

漏洞详情:

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

tzdata DLA-2963-1 未知 2019c-0+deb9u1 2021a-0+deb9u3 tzdata - new timezone database

漏洞详情:

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

tzdata DLA-3051-1 未知 2019c-0+deb9u1 2021a-0+deb9u4 tzdata - new timezone database

漏洞详情:

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

ca-certificates DLA-2593-1 未知 20161130+nmu1+deb9u1 20200601~deb9u2 ca-certificates - whitelist Symantec CA

漏洞详情:

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libssl1.0.2 DLA-2761-1 未知 1.0.2u-1~deb9u1 1.0.2u-1~deb9u5 openssl1.0 - security update

漏洞详情:

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

debian-archive-keyring DLA-2948-1 未知 2017.5+deb9u1 2017.5+deb9u2 debian-archive-keyring - security update

漏洞详情:

镜像层: sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libgnutls30 DLA-2759-1 未知 3.5.8-5+deb9u4 3.5.8-5+deb9u6 gnutls28 - security update

漏洞详情:

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

Node.js (node-pkg)
低危漏洞:4 中危漏洞:25 高危漏洞:39 严重漏洞:7
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
deep-extend CVE-2018-3750 严重 0.4.2 0.5.1 nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-3750

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2018-07-03 21:29 修改: 2018-08-23 13:12

json-schema CVE-2021-3918 严重 0.2.3 0.4.0 nodejs-json-schema: Prototype pollution vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3918

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2021-11-13 09:15 修改: 2023-02-03 19:15

json-schema CVE-2021-3918 严重 0.2.3 0.4.0 nodejs-json-schema: Prototype pollution vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3918

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-11-13 09:15 修改: 2023-02-03 19:15

minimist CVE-2021-44906 严重 0.0.8 1.2.6, 0.2.4 minimist: prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44906

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2022-03-17 16:15 修改: 2024-06-21 19:15

minimist CVE-2021-44906 严重 0.0.8 1.2.6, 0.2.4 minimist: prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44906

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-03-17 16:15 修改: 2024-06-21 19:15

minimist CVE-2021-44906 严重 1.2.0 1.2.6, 0.2.4 minimist: prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44906

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2022-03-17 16:15 修改: 2024-06-21 19:15

minimist CVE-2021-44906 严重 1.2.0 1.2.6, 0.2.4 minimist: prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44906

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-03-17 16:15 修改: 2024-06-21 19:15

fstream CVE-2019-13173 高危 1.0.11 1.0.12 nodejs-fstream: File overwrite in fstream.DirWriter() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13173

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2019-07-02 20:15 修改: 2020-08-24 17:37

fstream CVE-2019-13173 高危 1.0.11 1.0.12 nodejs-fstream: File overwrite in fstream.DirWriter() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13173

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2019-07-02 20:15 修改: 2020-08-24 17:37

hawk CVE-2022-29167 高危 3.1.3 9.0.1 hawk: REDoS in hawk.utils.parseHost() when parsing Host header

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29167

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2022-05-05 23:15 修改: 2023-07-21 16:42

hoek CVE-2020-36604 高危 2.16.3 hapi/hoek: Prototype Pollution in @hapi/hoek

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36604

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2022-09-23 06:15 修改: 2023-11-07 03:22

http-cache-semantics CVE-2022-25881 高危 3.8.1 4.1.1 http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25881

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2023-01-31 05:15 修改: 2023-11-07 03:44

ini CVE-2020-7788 高危 1.3.5 1.3.6 nodejs-ini: Prototype pollution via malicious INI file

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7788

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2020-12-11 11:15 修改: 2022-12-02 19:40

ini CVE-2020-7788 高危 1.3.5 1.3.6 nodejs-ini: Prototype pollution via malicious INI file

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7788

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-12-11 11:15 修改: 2022-12-02 19:40

ip CVE-2024-29415 高危 1.1.5 node-ip: Incomplete fix for CVE-2023-42282

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35

js-yaml GHSA-8j8c-7jfh-h6hx 高危 3.12.2 3.13.1 Code Injection in js-yaml

漏洞详情: https://github.com/advisories/GHSA-8j8c-7jfh-h6hx

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

ansi-regex CVE-2021-3807 高危 3.0.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01

cross-spawn CVE-2024-21538 高危 5.1.0 7.0.5, 6.0.6 cross-spawn: regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15

minimatch CVE-2022-3517 高危 3.0.4 3.0.5 nodejs-minimatch: ReDoS via the braceExpand function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51

minimatch CVE-2022-3517 高危 3.0.4 3.0.5 nodejs-minimatch: ReDoS via the braceExpand function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51

minimatch CVE-2022-3517 高危 3.0.4 3.0.5 nodejs-minimatch: ReDoS via the braceExpand function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51

cross-spawn CVE-2024-21538 高危 6.0.5 7.0.5, 6.0.6 cross-spawn: regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15

decode-uri-component CVE-2022-38900 高危 0.2.0 0.2.1 decode-uri-component: improper input validation resulting in DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38900

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-11-28 13:15 修改: 2023-11-07 03:50

ansi-regex CVE-2021-3807 高危 3.0.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01

dot-prop CVE-2020-8116 高危 4.2.0 4.2.1, 5.1.1 nodejs-dot-prop: prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8116

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-02-04 20:15 修改: 2022-08-05 19:32

npm-user-validate CVE-2020-7754 高危 1.0.0 1.0.1 nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7754

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-10-27 15:15 修改: 2020-10-27 17:31

qs CVE-2022-24999 高危 6.4.0 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15

qs CVE-2022-24999 高危 6.5.2 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15

semver CVE-2022-25883 高危 5.3.0 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44

semver CVE-2022-25883 高危 5.5.0 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44

semver CVE-2022-25883 高危 5.6.0 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44

semver CVE-2022-25883 高危 5.7.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44

ssri CVE-2021-27290 高危 6.0.1 6.0.2, 7.1.1, 8.0.1 nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27290

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-03-12 22:15 修改: 2022-05-13 20:51

tar CVE-2018-20834 高危 2.2.1 4.4.2, 2.2.2 nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20834

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2019-04-30 19:29 修改: 2019-09-04 20:15

tar CVE-2021-32804 高危 2.2.1 3.2.2, 4.4.14, 5.0.6, 6.1.1 nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32804

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2021-08-03 19:15 修改: 2022-04-25 19:12

tar CVE-2021-37713 高危 2.2.1 4.4.18, 5.0.10, 6.1.9 nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37713

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2021-08-31 17:15 修改: 2022-04-25 18:40

tar CVE-2021-32803 高危 4.4.13 3.2.3, 4.4.15, 5.0.7, 6.1.2 nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32803

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-03 19:15 修改: 2022-07-02 18:28

tar CVE-2021-32804 高危 4.4.13 3.2.2, 4.4.14, 5.0.6, 6.1.1 nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32804

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-03 19:15 修改: 2022-04-25 19:12

tar CVE-2021-37701 高危 4.4.13 4.4.16, 5.0.8, 6.1.7 nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37701

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-31 17:15 修改: 2023-01-19 20:11

tar CVE-2021-37712 高危 4.4.13 4.4.18, 5.0.10, 6.1.9 nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37712

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-31 17:15 修改: 2023-02-23 02:28

tar CVE-2021-37713 高危 4.4.13 4.4.18, 5.0.10, 6.1.9 nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37713

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-08-31 17:15 修改: 2022-04-25 18:40

y18n CVE-2020-7774 高危 3.2.1 3.2.2, 4.0.1, 5.0.5 nodejs-y18n: prototype pollution vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7774

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-11-17 13:15 修改: 2022-12-02 19:40

y18n CVE-2020-7774 高危 4.0.0 3.2.2, 4.0.1, 5.0.5 nodejs-y18n: prototype pollution vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7774

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-11-17 13:15 修改: 2022-12-02 19:40

yarn CVE-2019-10773 高危 1.21.1 1.22.0 nodejs-yarn: Install functionality can be abused to generate arbitrary symlinks

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10773

镜像层: sha256:b030c52177350fdd6b680a22b752c2209905b4da67d8ef9662cd077b37c1429d

发布日期: 2019-12-16 20:15 修改: 2023-11-07 03:02

yarn CVE-2020-8131 高危 1.21.1 1.22.0 yarn: Arbitrary filesystem write via tar expansion

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8131

镜像层: sha256:b030c52177350fdd6b680a22b752c2209905b4da67d8ef9662cd077b37c1429d

发布日期: 2020-02-24 15:15 修改: 2020-03-24 14:47

yarn CVE-2021-4435 高危 1.21.1 1.22.13 yarn: untrusted search path

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4435

镜像层: sha256:b030c52177350fdd6b680a22b752c2209905b4da67d8ef9662cd077b37c1429d

发布日期: 2024-02-04 20:15 修改: 2024-02-13 00:38

minimist CVE-2020-7598 中危 0.0.8 0.2.1, 1.2.3 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7598

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2020-03-11 23:15 修改: 2022-04-22 19:02

minimist CVE-2020-7598 中危 0.0.8 0.2.1, 1.2.3 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7598

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-03-11 23:15 修改: 2022-04-22 19:02

got CVE-2022-33987 中危 6.7.1 12.1.0, 11.8.5 nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-33987

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2022-06-18 21:15 修改: 2022-06-28 16:15

stringstream CVE-2018-21270 中危 0.0.5 0.0.6 nodejs-stringstream: out-of-bounds read leading to uninitialized memory exposure

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-21270

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2020-12-03 21:15 修改: 2021-02-16 14:35

stringstream NSWG-ECO-422 中危 0.0.5 >=0.0.6 Out-of-bounds Read

漏洞详情: https://hackerone.com/reports/321670

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

mem GHSA-4xcv-9jjx-gfj3 中危 1.1.0 4.0.0 Denial of Service in mem

漏洞详情: https://github.com/advisories/GHSA-4xcv-9jjx-gfj3

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

minimist CVE-2020-7598 中危 1.2.0 0.2.1, 1.2.3 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7598

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2020-03-11 23:15 修改: 2022-04-22 19:02

minimist CVE-2020-7598 中危 1.2.0 0.2.1, 1.2.3 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7598

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-03-11 23:15 修改: 2022-04-22 19:02

tar CVE-2024-28863 中危 2.2.1 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16

npm CVE-2020-15095 中危 6.13.4 6.14.6 npm: sensitive information exposure through logs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15095

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-07-07 19:15 修改: 2023-11-07 03:17

npm-registry-fetch GHSA-jmqm-f2gx-4fjv 中危 4.0.2 4.0.5, 8.1.1 Sensitive information exposure through logs in npm-registry-fetch

漏洞详情: https://github.com/advisories/GHSA-jmqm-f2gx-4fjv

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

extend CVE-2018-16492 中危 3.0.1 3.0.2, 2.0.2 nodejs-extend: Prototype pollution can allow attackers to modify object properties

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16492

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2019-02-01 18:29 修改: 2019-10-09 23:36

path-parse CVE-2021-23343 中危 1.0.6 1.0.7 nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23343

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-05-04 09:15 修改: 2023-11-07 03:30

ajv CVE-2020-15366 中危 5.5.2 6.12.3 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15366

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-07-15 20:15 修改: 2024-06-21 19:15

tar CVE-2024-28863 中危 4.4.13 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16

tar CVE-2024-28863 中危 4.4.19 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16

tough-cookie CVE-2023-26136 中危 2.3.4 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15

tough-cookie CVE-2023-26136 中危 2.4.3 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15

hosted-git-info CVE-2021-23362 中危 2.8.5 2.8.9, 3.0.8 nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23362

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2021-03-23 17:15 修改: 2023-08-08 14:22

request CVE-2023-28155 中危 2.81.0 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15

yargs-parser CVE-2020-7608 中危 11.1.1 13.1.2, 15.0.1, 18.1.1, 5.0.1 nodejs-yargs-parser: prototype pollution vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7608

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2020-03-16 20:15 修改: 2022-11-15 16:40

yargs-parser CVE-2020-7608 中危 9.0.2 13.1.2, 15.0.1, 18.1.1, 5.0.1 nodejs-yargs-parser: prototype pollution vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7608

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2020-03-16 20:15 修改: 2022-11-15 16:40

request CVE-2023-28155 中危 2.88.0 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15

js-yaml GHSA-2pr6-76vf-7546 中危 3.12.2 3.13.0 Denial of Service in js-yaml

漏洞详情: https://github.com/advisories/GHSA-2pr6-76vf-7546

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

ajv CVE-2020-15366 中危 4.11.8 6.12.3 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15366

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2020-07-15 20:15 修改: 2024-06-21 19:15

deep-extend NSWG-ECO-408 低危 0.4.2 >=0.5.1 deep-extend prototype pollution

漏洞详情: https://hackerone.com/reports/311333

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

ip CVE-2023-42282 低危 1.1.5 2.0.1, 1.1.9 nodejs-ip: arbitrary code execution via the isPublic() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14

hoek CVE-2018-3728 低危 2.16.3 >=5.0.3 >=4.2.1 hoek: Prototype pollution in utilities function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-3728

镜像层: sha256:97aa741a3128ff506d714dfaca2b220f89659b223755b5ed7fcefdad1343599a

发布日期: 2018-03-30 19:29 修改: 2019-10-09 23:40

npm-user-validate GHSA-xgh6-85xh-479p 低危 1.0.0 1.0.1 Regular Expression Denial of Service in npm-user-validate

漏洞详情: https://github.com/advisories/GHSA-xgh6-85xh-479p

镜像层: sha256:385260d551e99069cfbbe0a1b75ad755fd9031810325cf432ad98234c6ac5bbd

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00