docker.io/rocketchat/rocket.chat:6.7.0 linux/amd64

docker.io/rocketchat/rocket.chat:6.7.0 - Trivy安全扫描结果 扫描时间: 2024-10-27 08:54
全部漏洞信息
低危漏洞:106 中危漏洞:113 高危漏洞:119 严重漏洞:14

系统OS: debian 11.6 扫描引擎: Trivy 扫描时间: 2024-10-27 08:54

docker.io/rocketchat/rocket.chat:6.7.0 (debian 11.6) (debian)
低危漏洞:85 中危漏洞:54 高危漏洞:40 严重漏洞:8
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libdb5.3 CVE-2019-8457 严重 5.3.28+dfsg1-0.8 sqlite: heap out-of-bound read in function rtreenode()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8457

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-05-30 16:29 修改: 2023-11-07 03:13
libexpat1 CVE-2024-45491 严重 2.2.10-2+deb11u5 2.2.10-2+deb11u6 libexpat: Integer Overflow or Wraparound

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491

镜像层: sha256:ec0fa315d919c3519a29fd5d2c107aaaa55ecb71c5281b4f54fa93145a2eead8

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
libexpat1 CVE-2024-45492 严重 2.2.10-2+deb11u5 2.2.10-2+deb11u6 libexpat: integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492

镜像层: sha256:ec0fa315d919c3519a29fd5d2c107aaaa55ecb71c5281b4f54fa93145a2eead8

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
libgssapi-krb5-2 CVE-2024-37371 严重 1.18.3-6+deb11u3 1.18.3-6+deb11u5 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libk5crypto3 CVE-2024-37371 严重 1.18.3-6+deb11u3 1.18.3-6+deb11u5 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libkrb5-3 CVE-2024-37371 严重 1.18.3-6+deb11u3 1.18.3-6+deb11u5 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libkrb5support0 CVE-2024-37371 严重 1.18.3-6+deb11u3 1.18.3-6+deb11u5 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
zlib1g CVE-2023-45853 严重 1:1.2.11.dfsg-2+deb11u2 zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45853

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-10-14 02:15 修改: 2024-08-01 13:44
libc6 CVE-2024-33599 高危 2.31-13+deb11u8 2.31-13+deb11u10 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libcom-err2 CVE-2022-1304 高危 1.46.2-2 1.46.2-2+deb11u1 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41
bash CVE-2022-3715 高危 5.1-2+deb11u1 bash: a heap-buffer-overflow in valid_parameter_transform

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3715

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-01-05 15:15 修改: 2023-02-24 18:38
bsdutils CVE-2024-28085 高危 1:2.36.1-8+deb11u1 2.36.1-8+deb11u2 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
e2fsprogs CVE-2022-1304 高危 1.46.2-2 1.46.2-2+deb11u1 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41
libexpat1 CVE-2023-52425 高危 2.2.10-2+deb11u5 2.2.10-2+deb11u6 expat: parsing large tokens can trigger a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425

镜像层: sha256:ec0fa315d919c3519a29fd5d2c107aaaa55ecb71c5281b4f54fa93145a2eead8

发布日期: 2024-02-04 20:15 修改: 2024-08-26 20:35
libexpat1 CVE-2024-45490 高危 2.2.10-2+deb11u5 2.2.10-2+deb11u6 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:ec0fa315d919c3519a29fd5d2c107aaaa55ecb71c5281b4f54fa93145a2eead8

发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
libext2fs2 CVE-2022-1304 高危 1.46.2-2 1.46.2-2+deb11u1 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41
libgcrypt20 CVE-2021-33560 高危 1.8.7-6 libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33560

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2021-06-08 11:15 修改: 2023-11-07 03:35
libgnutls30 CVE-2024-0553 高危 3.7.1-5+deb11u3 3.7.1-5+deb11u5 gnutls: incomplete fix for CVE-2023-5981

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0553

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-01-16 12:15 修改: 2024-09-16 13:15
libgnutls30 CVE-2024-0567 高危 3.7.1-5+deb11u3 3.7.1-5+deb11u5 gnutls: rejects certificate chain with distributed trust

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0567

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-01-16 14:15 修改: 2024-09-16 13:15
libblkid1 CVE-2024-28085 高危 2.36.1-8+deb11u1 2.36.1-8+deb11u2 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libgssapi-krb5-2 CVE-2024-37370 高危 1.18.3-6+deb11u3 1.18.3-6+deb11u5 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libc-bin CVE-2023-4911 高危 2.31-13+deb11u5 2.31-13+deb11u7 glibc: buffer overflow in ld.so leading to privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-10-03 18:15 修改: 2024-09-17 19:46
libk5crypto3 CVE-2024-37370 高危 1.18.3-6+deb11u3 1.18.3-6+deb11u5 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libc-bin CVE-2024-2961 高危 2.31-13+deb11u5 2.31-13+deb11u9 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
libkrb5-3 CVE-2024-37370 高危 1.18.3-6+deb11u3 1.18.3-6+deb11u5 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libc-bin CVE-2024-33599 高危 2.31-13+deb11u5 2.31-13+deb11u10 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libkrb5support0 CVE-2024-37370 高危 1.18.3-6+deb11u3 1.18.3-6+deb11u5 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libmount1 CVE-2024-28085 高危 2.36.1-8+deb11u1 2.36.1-8+deb11u2 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libsmartcols1 CVE-2024-28085 高危 2.36.1-8+deb11u1 2.36.1-8+deb11u2 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libss2 CVE-2022-1304 高危 1.46.2-2 1.46.2-2+deb11u1 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41
libssl1.1 CVE-2023-0464 高危 1.1.1n-0+deb11u4 1.1.1n-0+deb11u5 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-03-22 17:15 修改: 2024-06-21 19:15
libsystemd0 CVE-2023-50387 高危 247.3-7+deb11u1 247.3-7+deb11u6 bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
libsystemd0 CVE-2023-50868 高危 247.3-7+deb11u1 247.3-7+deb11u6 bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
libudev1 CVE-2023-50387 高危 247.3-7+deb11u1 247.3-7+deb11u6 bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
libudev1 CVE-2023-50868 高危 247.3-7+deb11u1 247.3-7+deb11u6 bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
libuuid1 CVE-2024-28085 高危 2.36.1-8+deb11u1 2.36.1-8+deb11u2 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libzstd1 CVE-2022-4899 高危 1.4.8+dfsg-2.1 zstd: mysql: buffer overrun in util.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-03-31 20:15 修改: 2023-11-07 03:59
logsave CVE-2022-1304 高危 1.46.2-2 1.46.2-2+deb11u1 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41
mount CVE-2024-28085 高危 2.36.1-8+deb11u1 2.36.1-8+deb11u2 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
ncurses-base CVE-2022-29458 高危 6.2+20201114-2 6.2+20201114-2+deb11u1 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
ncurses-base CVE-2023-29491 高危 6.2+20201114-2 6.2+20201114-2+deb11u2 ncurses: Local users can trigger security-relevant memory corruption via malformed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
ncurses-bin CVE-2022-29458 高危 6.2+20201114-2 6.2+20201114-2+deb11u1 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
ncurses-bin CVE-2023-29491 高危 6.2+20201114-2 6.2+20201114-2+deb11u2 ncurses: Local users can trigger security-relevant memory corruption via malformed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
perl-base CVE-2020-16156 高危 5.32.1-4+deb11u2 5.32.1-4+deb11u4 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2021-12-13 18:15 修改: 2023-11-07 03:18
perl-base CVE-2023-31484 高危 5.32.1-4+deb11u2 5.32.1-4+deb11u4 perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-04-29 00:15 修改: 2024-08-01 13:43
perl-base CVE-2023-47038 高危 5.32.1-4+deb11u2 5.32.1-4+deb11u3 perl: Write past buffer end via illegal user-defined Unicode property

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-12-18 14:15 修改: 2024-09-16 16:15
util-linux CVE-2024-28085 高危 2.36.1-8+deb11u1 2.36.1-8+deb11u2 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libc6 CVE-2024-2961 高危 2.31-13+deb11u8 2.31-13+deb11u9 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
libc6 CVE-2023-4813 中危 2.31-13+deb11u8 glibc: potential use-after-free in gaih_inet()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2023-09-12 22:15 修改: 2024-09-16 14:15
libc6 CVE-2024-33600 中危 2.31-13+deb11u8 2.31-13+deb11u10 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libkrb5support0 CVE-2023-36054 中危 1.18.3-6+deb11u3 1.18.3-6+deb11u4 krb5: Denial of service through freeing uninitialized pointer

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-08-07 19:15 修改: 2023-11-15 03:23
libkrb5support0 CVE-2024-26458 中危 1.18.3-6+deb11u3 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0 CVE-2024-26461 中危 1.18.3-6+deb11u3 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libgcrypt20 CVE-2024-2236 中危 1.8.7-6 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-03-06 22:15 修改: 2024-09-14 04:15
libpam-modules CVE-2024-10041 中危 1.4.0-9+deb11u1 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-10-23 14:15 修改: 2024-10-23 15:12
libpam-modules CVE-2024-22365 中危 1.4.0-9+deb11u1 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-06 08:15 修改: 2024-02-14 00:27
libpam-modules-bin CVE-2024-10041 中危 1.4.0-9+deb11u1 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-10-23 14:15 修改: 2024-10-23 15:12
libpam-modules-bin CVE-2024-22365 中危 1.4.0-9+deb11u1 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-06 08:15 修改: 2024-02-14 00:27
libpam-runtime CVE-2024-10041 中危 1.4.0-9+deb11u1 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-10-23 14:15 修改: 2024-10-23 15:12
libpam-runtime CVE-2024-22365 中危 1.4.0-9+deb11u1 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-06 08:15 修改: 2024-02-14 00:27
libpam0g CVE-2024-10041 中危 1.4.0-9+deb11u1 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-10-23 14:15 修改: 2024-10-23 15:12
libpam0g CVE-2024-22365 中危 1.4.0-9+deb11u1 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-06 08:15 修改: 2024-02-14 00:27
libc6 CVE-2024-33601 中危 2.31-13+deb11u8 2.31-13+deb11u10 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc6 CVE-2024-33602 中危 2.31-13+deb11u8 2.31-13+deb11u10 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libgnutls30 CVE-2023-5981 中危 3.7.1-5+deb11u3 3.7.1-5+deb11u4 gnutls: timing side-channel in the RSA-PSK authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5981

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-11-28 12:15 修改: 2024-09-16 13:15
libssl1.1 CVE-2023-0465 中危 1.1.1n-0+deb11u4 1.1.1n-0+deb11u5 openssl: Invalid certificate policies in leaf certificates are silently ignored

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
libssl1.1 CVE-2023-0466 中危 1.1.1n-0+deb11u4 1.1.1n-0+deb11u5 openssl: Certificate policy check not enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
libssl1.1 CVE-2023-2650 中危 1.1.1n-0+deb11u4 1.1.1n-0+deb11u5 openssl: Possible DoS translating ASN.1 object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-05-30 14:15 修改: 2024-02-04 09:15
libssl1.1 CVE-2023-3446 中危 1.1.1n-0+deb11u4 1.1.1v-0~deb11u1 openssl: Excessive time spent checking DH keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-07-19 12:15 修改: 2024-10-14 15:15
libssl1.1 CVE-2023-3817 中危 1.1.1n-0+deb11u4 1.1.1v-0~deb11u1 OpenSSL: Excessive time spent checking DH q parameter value

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-07-31 16:15 修改: 2024-10-14 15:15
libssl1.1 CVE-2023-5678 中危 1.1.1n-0+deb11u4 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15
libssl1.1 CVE-2024-0727 中危 1.1.1n-0+deb11u4 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
libssl1.1 CVE-2024-4741 中危 1.1.1n-0+deb11u4 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libssl1.1 CVE-2024-5535 中危 1.1.1n-0+deb11u4 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libgnutls30 CVE-2024-28834 中危 3.7.1-5+deb11u3 3.7.1-5+deb11u6 gnutls: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-03-21 14:15 修改: 2024-09-12 20:15
libgnutls30 CVE-2024-28835 中危 3.7.1-5+deb11u3 3.7.1-5+deb11u6 gnutls: potential crash during chain building/verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28835

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-03-21 06:15 修改: 2024-09-16 19:16
libsystemd0 CVE-2022-3821 中危 247.3-7+deb11u1 247.3-7+deb11u2 systemd: buffer overrun in format_timespan() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-11-08 22:15 修改: 2023-11-07 03:51
libsystemd0 CVE-2022-4415 中危 247.3-7+deb11u1 247.3-7+deb11u2 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19
libsystemd0 CVE-2023-7008 中危 247.3-7+deb11u1 247.3-7+deb11u6 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16
libtinfo6 CVE-2023-50495 中危 6.2+20201114-2+deb11u2 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libc-bin CVE-2024-33600 中危 2.31-13+deb11u5 2.31-13+deb11u10 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc-bin CVE-2024-33601 中危 2.31-13+deb11u5 2.31-13+deb11u10 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libudev1 CVE-2022-3821 中危 247.3-7+deb11u1 247.3-7+deb11u2 systemd: buffer overrun in format_timespan() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-11-08 22:15 修改: 2023-11-07 03:51
libudev1 CVE-2022-4415 中危 247.3-7+deb11u1 247.3-7+deb11u2 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19
libudev1 CVE-2023-7008 中危 247.3-7+deb11u1 247.3-7+deb11u6 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16
libgssapi-krb5-2 CVE-2023-36054 中危 1.18.3-6+deb11u3 1.18.3-6+deb11u4 krb5: Denial of service through freeing uninitialized pointer

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-08-07 19:15 修改: 2023-11-15 03:23
libgssapi-krb5-2 CVE-2024-26458 中危 1.18.3-6+deb11u3 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
login CVE-2023-4641 中危 1:4.8.1-1 shadow-utils: possible password leak during passwd(1) change

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-12-27 16:15 修改: 2024-05-03 16:15
libgssapi-krb5-2 CVE-2024-26461 中危 1.18.3-6+deb11u3 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libc-bin CVE-2024-33602 中危 2.31-13+deb11u5 2.31-13+deb11u10 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc-bin CVE-2023-4806 中危 2.31-13+deb11u5 glibc: potential use-after-free in getaddrinfo()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15
libk5crypto3 CVE-2023-36054 中危 1.18.3-6+deb11u3 1.18.3-6+deb11u4 krb5: Denial of service through freeing uninitialized pointer

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-08-07 19:15 修改: 2023-11-15 03:23
ncurses-base CVE-2023-50495 中危 6.2+20201114-2 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libk5crypto3 CVE-2024-26458 中危 1.18.3-6+deb11u3 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3 CVE-2024-26461 中危 1.18.3-6+deb11u3 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
ncurses-bin CVE-2023-50495 中危 6.2+20201114-2 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
passwd CVE-2023-4641 中危 1:4.8.1-1 shadow-utils: possible password leak during passwd(1) change

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-12-27 16:15 修改: 2024-05-03 16:15
libc-bin CVE-2023-4813 中危 2.31-13+deb11u5 glibc: potential use-after-free in gaih_inet()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-09-12 22:15 修改: 2024-09-16 14:15
libc6 CVE-2023-4806 中危 2.31-13+deb11u8 glibc: potential use-after-free in getaddrinfo()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15
libkrb5-3 CVE-2023-36054 中危 1.18.3-6+deb11u3 1.18.3-6+deb11u4 krb5: Denial of service through freeing uninitialized pointer

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-08-07 19:15 修改: 2023-11-15 03:23
libkrb5-3 CVE-2024-26458 中危 1.18.3-6+deb11u3 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3 CVE-2024-26461 中危 1.18.3-6+deb11u3 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libpcre3 CVE-2017-7246 低危 2:8.39-13 pcre: stack-based buffer overflow write in pcre32_copy_substring

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7246

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2017-03-23 21:59 修改: 2018-08-17 10:29
libpcre3 CVE-2019-20838 低危 2:8.39-13 pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20838

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2020-06-15 17:15 修改: 2024-03-27 16:05
libpng16-16 CVE-2019-6129 低危 1.6.37-3 libpng: memory leak of png_info struct in pngcp.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6129

镜像层: sha256:ec0fa315d919c3519a29fd5d2c107aaaa55ecb71c5281b4f54fa93145a2eead8

发布日期: 2019-01-11 05:29 修改: 2024-08-04 21:15
libpng16-16 CVE-2021-4214 低危 1.6.37-3 libpng: hardcoded value leads to heap-overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4214

镜像层: sha256:ec0fa315d919c3519a29fd5d2c107aaaa55ecb71c5281b4f54fa93145a2eead8

发布日期: 2022-08-24 16:15 修改: 2022-11-08 02:32
libsepol1 CVE-2021-36084 低危 3.1-1 3.1-1+deb11u1 libsepol: use-after-free in __cil_verify_classperms()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36084

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libsepol1 CVE-2021-36085 低危 3.1-1 3.1-1+deb11u1 libsepol: use-after-free in __cil_verify_classperms()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36085

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libsepol1 CVE-2021-36086 低危 3.1-1 3.1-1+deb11u1 libsepol: use-after-free in cil_reset_classpermission()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36086

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libsepol1 CVE-2021-36087 低危 3.1-1 3.1-1+deb11u1 libsepol: heap-based buffer overflow in ebitmap_match_any()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36087

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
coreutils CVE-2016-2781 低危 8.32-4+b1 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libsmartcols1 CVE-2022-0563 低危 2.36.1-8+deb11u1 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-02-21 19:15 修改: 2024-01-07 09:15
libgnutls30 CVE-2011-3389 低危 3.7.1-5+deb11u3 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

漏洞详情: https://avd.aquasec.com/nvd/cve-2011-3389

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2011-09-06 19:55 修改: 2022-11-29 15:56
coreutils CVE-2017-18018 低危 8.32-4+b1 coreutils: race condition vulnerability in chown and chgrp

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18018

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2018-01-04 04:29 修改: 2018-01-19 15:46
bash TEMP-0841856-B18BAF 低危 5.1-2+deb11u1 [Privilege escalation possible to other user than root]

漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0841856-B18BAF

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gcc-10-base CVE-2023-4039 低危 10.2.1-6 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libc6 CVE-2010-4756 低危 2.31-13+deb11u8 glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2010-4756

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2011-03-02 20:00 修改: 2021-09-01 12:15
libc6 CVE-2018-20796 低危 2.31-13+deb11u8 glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20796

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2019-02-26 02:29 修改: 2023-11-07 02:56
libgssapi-krb5-2 CVE-2018-5709 低危 1.18.3-6+deb11u3 krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58
libc6 CVE-2019-1010022 低危 2.31-13+deb11u8 glibc: stack guard protection bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010022

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2019-07-15 04:15 修改: 2024-08-05 03:15
libc6 CVE-2019-1010023 低危 2.31-13+deb11u8 glibc: running ldd on malicious ELF leads to code execution because of wrong size computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010023

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2019-07-15 04:15 修改: 2024-08-05 03:15
libc6 CVE-2019-1010024 低危 2.31-13+deb11u8 glibc: ASLR bypass using cache of thread stack and heap

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010024

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2019-07-15 04:15 修改: 2024-08-05 03:15
libc6 CVE-2019-1010025 低危 2.31-13+deb11u8 glibc: information disclosure of heap addresses of pthread_created thread

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010025

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2019-07-15 04:15 修改: 2024-08-05 03:15
libssl1.1 CVE-2024-2511 低危 1.1.1n-0+deb11u4 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
libssl1.1 CVE-2024-9143 低危 1.1.1n-0+deb11u4 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-10-16 17:15 修改: 2024-10-18 12:53
libstdc++6 CVE-2023-4039 低危 10.2.1-6 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libc6 CVE-2019-9192 低危 2.31-13+deb11u8 glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9192

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2019-02-26 18:29 修改: 2024-08-04 22:15
libk5crypto3 CVE-2018-5709 低危 1.18.3-6+deb11u3 krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58
gcc-9-base CVE-2023-4039 低危 9.3.0-22 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
gpgv CVE-2022-3219 低危 2.2.27-2+deb11u2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libapt-pkg6.0 CVE-2011-3374 低危 2.2.4 It was found that apt-key in apt, all versions, do not correctly valid ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2011-3374

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-11-26 00:15 修改: 2021-02-09 16:08
libsystemd0 CVE-2013-4392 低危 247.3-7+deb11u1 systemd: TOCTOU race condition when updating file permissions and SELinux security contexts

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4392

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2013-10-28 22:55 修改: 2022-01-31 17:49
libsystemd0 CVE-2020-13529 低危 247.3-7+deb11u1 systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13529

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2021-05-10 16:15 修改: 2023-11-07 03:16
libsystemd0 CVE-2023-31437 低危 247.3-7+deb11u1 An issue was discovered in systemd 253. An attacker can modify a seale ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31437

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-06-13 17:15 修改: 2024-08-02 15:16
libsystemd0 CVE-2023-31438 低危 247.3-7+deb11u1 An issue was discovered in systemd 253. An attacker can truncate a sea ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31438

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-06-13 17:15 修改: 2024-08-02 15:16
libsystemd0 CVE-2023-31439 低危 247.3-7+deb11u1 An issue was discovered in systemd 253. An attacker can modify the con ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31439

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-06-13 17:15 修改: 2024-08-02 15:16
libc-bin CVE-2010-4756 低危 2.31-13+deb11u5 glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2010-4756

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2011-03-02 20:00 修改: 2021-09-01 12:15
libtinfo6 CVE-2023-45918 低危 6.2+20201114-2+deb11u2 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2024-02-16 22:15 修改: 2024-03-15 11:15
libc-bin CVE-2018-20796 低危 2.31-13+deb11u5 glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20796

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-02-26 02:29 修改: 2023-11-07 02:56
libkrb5-3 CVE-2018-5709 低危 1.18.3-6+deb11u3 krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58
libc-bin CVE-2019-1010022 低危 2.31-13+deb11u5 glibc: stack guard protection bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010022

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-07-15 04:15 修改: 2024-08-05 03:15
libexpat1 CVE-2013-0340 低危 2.2.10-2+deb11u5 expat: internal entity expansion

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-0340

镜像层: sha256:ec0fa315d919c3519a29fd5d2c107aaaa55ecb71c5281b4f54fa93145a2eead8

发布日期: 2014-01-21 18:55 修改: 2023-11-07 02:13
libexpat1 CVE-2023-52426 低危 2.2.10-2+deb11u5 expat: recursive XML entity expansion vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52426

镜像层: sha256:ec0fa315d919c3519a29fd5d2c107aaaa55ecb71c5281b4f54fa93145a2eead8

发布日期: 2024-02-04 20:15 修改: 2024-03-07 17:15
libudev1 CVE-2013-4392 低危 247.3-7+deb11u1 systemd: TOCTOU race condition when updating file permissions and SELinux security contexts

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4392

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2013-10-28 22:55 修改: 2022-01-31 17:49
libudev1 CVE-2020-13529 低危 247.3-7+deb11u1 systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13529

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2021-05-10 16:15 修改: 2023-11-07 03:16
libudev1 CVE-2023-31437 低危 247.3-7+deb11u1 An issue was discovered in systemd 253. An attacker can modify a seale ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31437

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-06-13 17:15 修改: 2024-08-02 15:16
libudev1 CVE-2023-31438 低危 247.3-7+deb11u1 An issue was discovered in systemd 253. An attacker can truncate a sea ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31438

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-06-13 17:15 修改: 2024-08-02 15:16
libudev1 CVE-2023-31439 低危 247.3-7+deb11u1 An issue was discovered in systemd 253. An attacker can modify the con ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31439

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-06-13 17:15 修改: 2024-08-02 15:16
libexpat1 CVE-2024-28757 低危 2.2.10-2+deb11u5 expat: XML Entity Expansion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757

镜像层: sha256:ec0fa315d919c3519a29fd5d2c107aaaa55ecb71c5281b4f54fa93145a2eead8

发布日期: 2024-03-10 05:15 修改: 2024-05-01 19:15
libuuid1 CVE-2022-0563 低危 2.36.1-8+deb11u1 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-02-21 19:15 修改: 2024-01-07 09:15
libc-bin CVE-2019-1010023 低危 2.31-13+deb11u5 glibc: running ldd on malicious ELF leads to code execution because of wrong size computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010023

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-07-15 04:15 修改: 2024-08-05 03:15
libkrb5support0 CVE-2018-5709 低危 1.18.3-6+deb11u3 krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58
login CVE-2007-5686 低危 1:4.8.1-1 initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2007-5686

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2007-10-28 17:08 修改: 2018-10-15 21:45
login CVE-2013-4235 低危 1:4.8.1-1 shadow-utils: TOCTOU race conditions by copying and removing directory trees

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4235

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-12-03 15:15 修改: 2023-02-13 00:28
login CVE-2019-19882 低危 1:4.8.1-1 shadow-utils: local users can obtain root access because setuid programs are misconfigured

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19882

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-12-18 16:15 修改: 2020-08-25 15:15
login CVE-2023-29383 低危 1:4.8.1-1 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
login TEMP-0628843-DBAD28 低危 1:4.8.1-1 [more related to CVE-2005-4890]

漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0628843-DBAD28

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libfreetype6 CVE-2022-31782 低危 2.10.4+dfsg-1+deb11u1 ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based bu ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31782

镜像层: sha256:ec0fa315d919c3519a29fd5d2c107aaaa55ecb71c5281b4f54fa93145a2eead8

发布日期: 2022-06-02 14:15 修改: 2022-06-10 18:08
libmount1 CVE-2022-0563 低危 2.36.1-8+deb11u1 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-02-21 19:15 修改: 2024-01-07 09:15
mount CVE-2022-0563 低危 2.36.1-8+deb11u1 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-02-21 19:15 修改: 2024-01-07 09:15
libgcc-s1 CVE-2023-4039 低危 10.2.1-6 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libc-bin CVE-2019-1010024 低危 2.31-13+deb11u5 glibc: ASLR bypass using cache of thread stack and heap

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010024

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-07-15 04:15 修改: 2024-08-05 03:15
libc-bin CVE-2019-1010025 低危 2.31-13+deb11u5 glibc: information disclosure of heap addresses of pthread_created thread

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010025

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-07-15 04:15 修改: 2024-08-05 03:15
ncurses-base CVE-2023-45918 低危 6.2+20201114-2 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-16 22:15 修改: 2024-03-15 11:15
libgcrypt20 CVE-2018-6829 低危 1.8.7-6 libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6829

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2018-02-07 23:29 修改: 2020-01-15 20:15
libc-bin CVE-2019-9192 低危 2.31-13+deb11u5 glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9192

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-02-26 18:29 修改: 2024-08-04 22:15
apt CVE-2011-3374 低危 2.2.4 It was found that apt-key in apt, all versions, do not correctly valid ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2011-3374

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-11-26 00:15 修改: 2021-02-09 16:08
ncurses-bin CVE-2023-45918 低危 6.2+20201114-2 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-02-16 22:15 修改: 2024-03-15 11:15
libblkid1 CVE-2022-0563 低危 2.36.1-8+deb11u1 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-02-21 19:15 修改: 2024-01-07 09:15
passwd CVE-2007-5686 低危 1:4.8.1-1 initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2007-5686

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2007-10-28 17:08 修改: 2018-10-15 21:45
passwd CVE-2013-4235 低危 1:4.8.1-1 shadow-utils: TOCTOU race conditions by copying and removing directory trees

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4235

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-12-03 15:15 修改: 2023-02-13 00:28
passwd CVE-2019-19882 低危 1:4.8.1-1 shadow-utils: local users can obtain root access because setuid programs are misconfigured

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19882

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-12-18 16:15 修改: 2020-08-25 15:15
passwd CVE-2023-29383 低危 1:4.8.1-1 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
passwd TEMP-0628843-DBAD28 低危 1:4.8.1-1 [more related to CVE-2005-4890]

漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0628843-DBAD28

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
bsdutils CVE-2022-0563 低危 1:2.36.1-8+deb11u1 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-02-21 19:15 修改: 2024-01-07 09:15
libpcre2-8-0 CVE-2022-41409 低危 10.36-2+deb11u1 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46
libpcre3 CVE-2017-11164 低危 2:8.39-13 pcre: OP_KETRMAX feature in the match function in pcre_exec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2017-07-11 03:29 修改: 2023-11-07 02:38
perl-base CVE-2011-4116 低危 5.32.1-4+deb11u2 perl: File:: Temp insecure temporary file handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2011-4116

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2020-01-31 18:15 修改: 2020-02-05 22:10
perl-base CVE-2023-31486 低危 5.32.1-4+deb11u2 http-tiny: insecure TLS cert default

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31486

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-04-29 00:15 修改: 2023-06-21 18:19
sysvinit-utils TEMP-0517018-A83CE6 低危 2.96-7+deb11u1 [sysvinit: no-root option in expert installer exposes locally exploitable security flaw]

漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0517018-A83CE6

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tar CVE-2005-2541 低危 1.34+dfsg-1 tar: does not properly warn the user when extracting setuid or setgid files

漏洞详情: https://avd.aquasec.com/nvd/cve-2005-2541

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2005-08-10 04:00 修改: 2023-11-07 01:57
tar CVE-2022-48303 低危 1.34+dfsg-1 1.34+dfsg-1+deb11u1 tar: heap buffer overflow at from_header() in list.c via specially crafted checksum

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48303

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2023-01-30 04:15 修改: 2023-05-30 17:16
tar CVE-2023-39804 低危 1.34+dfsg-1 1.34+dfsg-1+deb11u1 tar: Incorrectly handled extension attributes in PAX archives can lead to a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39804

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2024-03-27 04:15 修改: 2024-03-27 12:29
tar TEMP-0290435-0B57B5 低危 1.34+dfsg-1 [tar's rmt command may have undesired side effects]

漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0290435-0B57B5

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libpcre3 CVE-2017-16231 低危 2:8.39-13 pcre: self-recursive call in match() in pcre_exec.c leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16231

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2019-03-21 15:59 修改: 2024-08-05 21:15
util-linux CVE-2022-0563 低危 2.36.1-8+deb11u1 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2022-02-21 19:15 修改: 2024-01-07 09:15
libpcre3 CVE-2017-7245 低危 2:8.39-13 pcre: stack-based buffer overflow write in pcre32_copy_substring

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7245

镜像层: sha256:ed7b0ef3bf5bbec74379c3ae3d5339e666a314223e863c70644f7522a7527461

发布日期: 2017-03-23 21:59 修改: 2018-08-17 10:29
Node.js (node-pkg)
低危漏洞:21 中危漏洞:59 高危漏洞:79 严重漏洞:6
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
crypto-js CVE-2023-46233 严重 4.1.1 4.2.0 crypto-js: PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46233

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-10-25 21:15 修改: 2023-11-27 20:15
morgan CVE-2019-5413 严重 1.6.1 1.9.1 nodejs-morgan: Unescaped input in compile() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5413

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2019-03-21 16:01 修改: 2023-11-07 03:11
underscore CVE-2021-23358 严重 1.4.4 1.12.1 nodejs-underscore: Arbitrary code execution via the template function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23358

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2021-03-29 14:15 修改: 2023-11-07 03:30
underscore CVE-2021-23358 严重 1.4.4 1.12.1 nodejs-underscore: Arbitrary code execution via the template function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23358

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2021-03-29 14:15 修改: 2023-11-07 03:30
vm2 CVE-2023-37466 严重 3.9.19 vm2: Promise handler sanitization can be bypassed allowing attackers to escape the sandbox and run arbitrary code

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37466

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-07-14 00:15 修改: 2024-02-01 14:05
vm2 CVE-2023-37903 严重 3.9.19 vm2: custom inspect function allows attackers to escape the sandbox and run arbitrary code

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37903

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-07-21 20:15 修改: 2024-02-01 13:46
body-parser CVE-2024-45590 高危 1.13.3 1.20.3 body-parser: Denial of Service Vulnerability in body-parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45590

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-10 16:15 修改: 2024-09-20 16:26
body-parser CVE-2024-45590 高危 1.19.0 1.20.3 body-parser: Denial of Service Vulnerability in body-parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45590

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-10 16:15 修改: 2024-09-20 16:26
body-parser CVE-2024-45590 高危 1.20.1 1.20.3 body-parser: Denial of Service Vulnerability in body-parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45590

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-10 16:15 修改: 2024-09-20 16:26
body-parser CVE-2024-45590 高危 1.20.2 1.20.3 body-parser: Denial of Service Vulnerability in body-parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45590

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-10 16:15 修改: 2024-09-20 16:26
braces CVE-2024-4068 高危 2.3.2 3.0.3 braces: fails to limit the number of characters it can handle

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
braces CVE-2024-4068 高危 3.0.2 3.0.3 braces: fails to limit the number of characters it can handle

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
browserify-sign CVE-2023-46234 高危 4.2.1 4.2.2 browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46234

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-10-26 15:15 修改: 2024-02-28 03:15
ansi-regex CVE-2021-3807 高危 3.0.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:d45072afcccf7d6aac0d446fb8937f57c348f8334f446b42febc5758782ac73e

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
d3-color GHSA-36jr-mh4h-2g58 高危 2.0.0 3.1.0 d3-color vulnerable to ReDoS

漏洞详情: https://github.com/advisories/GHSA-36jr-mh4h-2g58

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
d3-color GHSA-36jr-mh4h-2g58 高危 2.0.0 3.1.0 d3-color vulnerable to ReDoS

漏洞详情: https://github.com/advisories/GHSA-36jr-mh4h-2g58

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
debug CVE-2017-20165 高危 2.2.0 3.1.0, 2.6.9 A vulnerability classified as problematic has been found in debug-js d ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20165

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-01-09 10:15 修改: 2024-05-17 01:17
debug CVE-2017-20165 高危 2.2.0 3.1.0, 2.6.9 A vulnerability classified as problematic has been found in debug-js d ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20165

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-01-09 10:15 修改: 2024-05-17 01:17
dompurify CVE-2024-45801 高危 2.3.8 2.5.4, 3.1.3 dompurify: XSS vulnerability via prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45801

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-16 19:16 修改: 2024-09-20 12:31
dompurify CVE-2024-47875 高危 2.3.8 2.5.0, 3.1.3 dompurify: nesting-based mutation XSS vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47875

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-10-11 15:15 修改: 2024-10-15 12:58
forwarded CVE-2017-16118 高危 0.1.0 0.1.2 nodejs-forwarded: regular expression denial of service when parsing crafted user input

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16118

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2018-06-07 02:29 修改: 2019-10-09 23:24
fresh CVE-2017-16119 高危 0.3.0 0.5.2 nodejs-fresh: Regular expression denial of service when parsing crafted user input

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16119

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2018-06-07 02:29 修改: 2019-10-09 23:24
fresh CVE-2017-16119 高危 0.3.0 0.5.2 nodejs-fresh: Regular expression denial of service when parsing crafted user input

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16119

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2018-06-07 02:29 修改: 2019-10-09 23:24
hoek CVE-2020-36604 高危 6.1.3 hapi/hoek: Prototype Pollution in @hapi/hoek

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36604

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-09-23 06:15 修改: 2023-11-07 03:22
http-cache-semantics CVE-2022-25881 高危 3.8.1 4.1.1 http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25881

镜像层: sha256:d45072afcccf7d6aac0d446fb8937f57c348f8334f446b42febc5758782ac73e

发布日期: 2023-01-31 05:15 修改: 2023-11-07 03:44
ip CVE-2024-29415 高危 1.1.5 node-ip: Incomplete fix for CVE-2023-42282

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415

镜像层: sha256:d45072afcccf7d6aac0d446fb8937f57c348f8334f446b42febc5758782ac73e

发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
ip CVE-2024-29415 高危 2.0.0 node-ip: Incomplete fix for CVE-2023-42282

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
ip CVE-2024-29415 高危 2.0.0 node-ip: Incomplete fix for CVE-2023-42282

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
json5 CVE-2022-46175 高危 1.0.1 2.2.2, 1.0.2 json5: Prototype Pollution in JSON5 via Parse Method

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46175

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-12-24 04:15 修改: 2023-11-26 01:15
json5 CVE-2022-46175 高危 2.1.1 2.2.2, 1.0.2 json5: Prototype Pollution in JSON5 via Parse Method

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46175

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-12-24 04:15 修改: 2023-11-26 01:15
jsonwebtoken CVE-2022-23539 高危 8.5.1 9.0.0 jsonwebtoken: Unrestricted key type could lead to legacy keys usagen

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23539

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-12-23 00:15 修改: 2024-06-21 19:15
jsrsasign CVE-2024-21484 高危 10.5.25 11.0.0 jsrsasign: vulnerable to Observable Discrepancy via the RSA PKCS1.5 or RSAOAEP decryption process

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21484

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-01-22 05:15 修改: 2024-03-06 14:15
lodash CVE-2021-23337 高危 4.17.19 4.17.21 nodejs-lodash: command injection via template

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23337

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2021-02-15 13:15 修改: 2022-09-13 21:25
lodash.template CVE-2021-23337 高危 4.5.0 nodejs-lodash: command injection via template

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23337

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2021-02-15 13:15 修改: 2022-09-13 21:25
matrix-js-sdk CVE-2022-36059 高危 12.5.0 19.4.0 Mozilla: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36059

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-03-28 21:15 修改: 2023-04-05 01:17
matrix-js-sdk CVE-2022-39249 高危 12.5.0 19.7.0 Mozilla: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack by malicious server administrators

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-39249

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-09-28 20:15 修改: 2022-12-08 03:13
matrix-js-sdk CVE-2022-39250 高危 12.5.0 19.7.0 Mozilla: Matrix SDK bundled with Thunderbird vulnerable to a device verification attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-39250

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-09-29 13:15 修改: 2022-12-03 01:28
matrix-js-sdk CVE-2022-39251 高危 12.5.0 19.7.0 Mozilla: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-39251

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-09-28 20:15 修改: 2022-12-03 01:34
matrix-js-sdk CVE-2023-28427 高危 12.5.0 24.0.0 Mozilla: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28427

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-03-28 21:15 修改: 2023-05-30 06:16
matrix-js-sdk CVE-2024-47080 高危 12.5.0 34.8.0 Matrix JavaScript SDK's key history sharing could share keys to malicious devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47080

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-10-15 15:15 修改: 2024-10-16 16:38
mime CVE-2017-16138 高危 1.3.4 2.0.3, 1.4.1 nodejs-mime: Regular expression Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16138

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2018-06-07 02:29 修改: 2019-10-09 23:24
mime CVE-2017-16138 高危 1.3.4 2.0.3, 1.4.1 nodejs-mime: Regular expression Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16138

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2018-06-07 02:29 修改: 2019-10-09 23:24
ansi-regex CVE-2021-3807 高危 4.1.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:d45072afcccf7d6aac0d446fb8937f57c348f8334f446b42febc5758782ac73e

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
nedb CVE-2021-23395 高危 1.8.0 Prototype Pollution in nedb

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23395

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2021-06-15 20:15 修改: 2023-08-08 14:22
negotiator CVE-2016-10539 高危 0.5.3 0.6.1 negotiator is an HTTP content negotiator for Node.js and is used by ma ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10539

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2018-05-31 20:29 修改: 2019-10-09 23:16
negotiator CVE-2016-10539 高危 0.5.3 0.6.1 negotiator is an HTTP content negotiator for Node.js and is used by ma ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10539

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2018-05-31 20:29 修改: 2019-10-09 23:16
negotiator NSWG-ECO-106 高危 0.5.3 >= 0.6.1 Regular Expression Denial of Service

漏洞详情:

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
negotiator NSWG-ECO-106 高危 0.5.3 >= 0.6.1 Regular Expression Denial of Service

漏洞详情:

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
node-fetch CVE-2022-0235 高危 2.3.0 3.1.1, 2.6.7 node-fetch: exposure of sensitive information to an unauthorized actor

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0235

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-01-16 17:15 修改: 2023-02-03 19:16
node-fetch CVE-2022-0235 高危 2.3.0 3.1.1, 2.6.7 node-fetch: exposure of sensitive information to an unauthorized actor

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0235

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-01-16 17:15 修改: 2023-02-03 19:16
node-forge CVE-2020-7720 高危 0.7.6 0.10.0 nodejs-node-forge: prototype pollution via the util.setPath function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7720

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2020-09-01 10:15 修改: 2022-12-02 19:53
node-forge CVE-2022-24771 高危 0.7.6 1.3.0 node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24771

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-03-18 14:15 修改: 2022-03-28 13:53
node-forge CVE-2022-24772 高危 0.7.6 1.3.0 node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24772

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-03-18 14:15 修改: 2022-03-28 14:10
oauth2-server CVE-2017-18924 高危 2.4.1 Code Injection in oauth2-server

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18924

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2020-10-04 05:15 修改: 2024-08-05 22:15
oauth2-server CVE-2020-26938 高危 2.4.1 oauth2-server through 3.1.1 vulnerable to Open Redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26938

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-08-29 21:15 修改: 2022-09-07 20:15
oauth2-server CVE-2017-18924 高危 3.1.1 Code Injection in oauth2-server

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18924

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2020-10-04 05:15 修改: 2024-08-05 22:15
oauth2-server CVE-2020-26938 高危 3.1.1 oauth2-server through 3.1.1 vulnerable to Open Redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26938

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-08-29 21:15 修改: 2022-09-07 20:15
path-to-regexp CVE-2024-45296 高危 0.1.7 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 path-to-regexp: Backtracking regular expressions cause ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09
path-to-regexp CVE-2024-45296 高危 0.1.7 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 path-to-regexp: Backtracking regular expressions cause ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09
path-to-regexp CVE-2024-45296 高危 1.2.1 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 path-to-regexp: Backtracking regular expressions cause ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09
path-to-regexp CVE-2024-45296 高危 6.2.1 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 path-to-regexp: Backtracking regular expressions cause ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09
pdfjs-dist CVE-2024-4367 高危 2.14.305 4.2.67 Mozilla: Arbitrary JavaScript execution in PDF.js

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4367

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-05-14 18:15 修改: 2024-06-10 17:16
qs CVE-2017-1000048 高危 4.0.0 6.0.4, 6.1.2, 6.2.3, 6.3.2 nodejs-qs: Prototype override protection bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-1000048

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2017-07-17 13:18 修改: 2017-12-31 02:29
qs CVE-2017-1000048 高危 4.0.0 6.0.4, 6.1.2, 6.2.3, 6.3.2 nodejs-qs: Prototype override protection bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-1000048

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2017-07-17 13:18 修改: 2017-12-31 02:29
qs CVE-2022-24999 高危 4.0.0 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
qs CVE-2022-24999 高危 4.0.0 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
qs CVE-2017-1000048 高危 5.2.0 6.0.4, 6.1.2, 6.2.3, 6.3.2 nodejs-qs: Prototype override protection bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-1000048

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2017-07-17 13:18 修改: 2017-12-31 02:29
qs CVE-2022-24999 高危 5.2.0 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
qs CVE-2022-24999 高危 6.7.0 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
semver CVE-2022-25883 高危 5.3.0 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 5.7.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 5.7.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 5.7.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 5.7.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 5.7.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:d45072afcccf7d6aac0d446fb8937f57c348f8334f446b42febc5758782ac73e

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 6.3.0 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 7.3.8 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
base64-url GHSA-j4mr-9xw3-c9jx 高危 1.2.1 2.0.0 Out-of-bounds Read in base64-url

漏洞详情: https://github.com/advisories/GHSA-j4mr-9xw3-c9jx

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
base64-url NSWG-ECO-434 高危 1.2.1 >=2.0.0 Out-of-bounds Read

漏洞详情: https://hackerone.com/reports/321692

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
basic-auth-connect CVE-2024-47178 高危 1.0.0 1.1.0 basic-auth-connect: timing-unsafe equality comparison can leak timing information

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47178

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-30 16:15 修改: 2024-10-04 13:51
basic-auth-connect CVE-2024-47178 高危 1.0.0 1.1.0 basic-auth-connect: timing-unsafe equality comparison can leak timing information

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47178

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-30 16:15 修改: 2024-10-04 13:51
ws CVE-2024-37890 高危 5.2.3 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
ws CVE-2024-37890 高危 7.5.9 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
ws CVE-2024-37890 高危 7.5.9 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
ws CVE-2024-37890 高危 8.13.0 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
katex CVE-2024-28244 中危 0.16.9 0.16.10 KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28244

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-03-25 20:15 修改: 2024-03-26 12:55
node-forge CVE-2022-0122 中危 0.7.6 1.0.0 Open Redirect in node-forge

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0122

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-01-06 05:15 修改: 2022-01-12 20:14
node-forge CVE-2022-24773 中危 0.7.6 1.3.0 node-forge: Signature verification leniency in checking `DigestInfo` structure

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24773

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-03-18 14:15 修改: 2022-03-28 14:20
nodemailer GHSA-9h6g-pr28-7cqp 中危 6.6.3 6.9.9 nodemailer ReDoS when trying to send a specially crafted email

漏洞详情: https://github.com/advisories/GHSA-9h6g-pr28-7cqp

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nodemailer GHSA-9h6g-pr28-7cqp 中危 6.7.0 6.9.9 nodemailer ReDoS when trying to send a specially crafted email

漏洞详情: https://github.com/advisories/GHSA-9h6g-pr28-7cqp

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nodemailer GHSA-9h6g-pr28-7cqp 中危 6.7.8 6.9.9 nodemailer ReDoS when trying to send a specially crafted email

漏洞详情: https://github.com/advisories/GHSA-9h6g-pr28-7cqp

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
katex CVE-2024-28245 中危 0.16.9 0.16.10 KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28245

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-03-25 20:15 修改: 2024-03-26 12:55
katex CVE-2024-28246 中危 0.16.9 0.16.10 KaTeX is a JavaScript library for TeX math rendering on the web. Code ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28246

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-03-25 20:15 修改: 2024-03-26 12:55
follow-redirects CVE-2024-28849 中危 1.15.2 1.15.6 follow-redirects: Possible credential leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28849

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-03-14 17:15 修改: 2024-03-23 03:15
lodash CVE-2020-28500 中危 4.17.19 4.17.21 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28500

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2021-02-15 11:15 修改: 2022-09-13 21:18
axios CVE-2023-45857 中危 0.26.1 1.6.0, 0.28.0 axios: exposure of confidential data stored in cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45857

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-11-08 21:15 修改: 2024-06-21 19:15
lodash.trim CVE-2020-28500 中危 4.5.1 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28500

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2021-02-15 11:15 修改: 2022-09-13 21:18
axios CVE-2023-45857 中危 0.27.2 1.6.0, 0.28.0 axios: exposure of confidential data stored in cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45857

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-11-08 21:15 修改: 2024-06-21 19:15
@rocket.chat/message-parser CVE-2024-46935 中危 0.31.29 0.31.30 Denial of service in rocket chat message parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-46935

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-25 01:15 修改: 2024-09-26 17:39
got CVE-2022-33987 中危 6.7.1 12.1.0, 11.8.5 nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-33987

镜像层: sha256:d45072afcccf7d6aac0d446fb8937f57c348f8334f446b42febc5758782ac73e

发布日期: 2022-06-18 21:15 修改: 2022-06-28 16:15
postcss CVE-2023-44270 中危 7.0.39 8.4.31 An issue was discovered in PostCSS before 8.4.31. The vulnerability af ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44270

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-09-29 22:15 修改: 2023-10-10 17:19
postcss CVE-2023-44270 中危 8.4.21 8.4.31 An issue was discovered in PostCSS before 8.4.31. The vulnerability af ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44270

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-09-29 22:15 修改: 2023-10-10 17:19
highlight.js GHSA-7wwv-vh3v-89cq 中危 9.18.5 10.4.1 ReDOS vulnerabities: multiple grammars

漏洞详情: https://github.com/advisories/GHSA-7wwv-vh3v-89cq

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
axios CVE-2023-45857 中危 0.21.4 1.6.0, 0.28.0 axios: exposure of confidential data stored in cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45857

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-11-08 21:15 修改: 2024-06-21 19:15
axios CVE-2023-45857 中危 0.23.0 1.6.0, 0.28.0 axios: exposure of confidential data stored in cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45857

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-11-08 21:15 修改: 2024-06-21 19:15
matrix-js-sdk CVE-2023-29529 中危 12.5.0 24.1.0 matrix-js-sdk vulnerable to invisible eavesdropping in group calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29529

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-04-14 19:15 修改: 2023-04-25 14:06
matrix-js-sdk CVE-2024-42369 中危 12.5.0 34.3.1 matrix-js-sdk will freeze when a user sets a room with itself as a its predecessor

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42369

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-08-20 15:15 修改: 2024-08-21 16:01
micromatch CVE-2024-4067 中危 4.0.5 4.0.8 micromatch: vulnerable to Regular Expression Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15
express CVE-2024-29041 中危 4.13.3 4.19.2, 5.0.0-beta.3 express: cause malformed URLs to be evaluated

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29041

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-03-25 21:15 修改: 2024-03-26 12:55
request CVE-2023-28155 中危 2.88.2 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15
request CVE-2023-28155 中危 2.88.2 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:d45072afcccf7d6aac0d446fb8937f57c348f8334f446b42febc5758782ac73e

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15
sanitize-html CVE-2024-21501 中危 2.7.2 2.12.1 sanitize-html: Information Exposure when used on the backend

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21501

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-02-24 05:15 修改: 2024-08-28 18:35
express CVE-2024-43796 中危 4.13.3 4.20.0, 5.0.0 express: Improper Input Handling in Express Redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43796

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:07
express CVE-2024-29041 中危 4.18.2 4.19.2, 5.0.0-beta.3 express: cause malformed URLs to be evaluated

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29041

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-03-25 21:15 修改: 2024-03-26 12:55
morgan NSWG-ECO-473 中危 1.6.1 >=1.9.1 Arbitrary Code Injection

漏洞详情: https://hackerone.com/reports/390881

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
ms CVE-2017-20162 中危 0.7.1 2.0.0 Vercel ms Inefficient Regular Expression Complexity vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20162

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-01-05 12:15 修改: 2024-05-17 01:17
ms CVE-2017-20162 中危 0.7.1 2.0.0 Vercel ms Inefficient Regular Expression Complexity vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20162

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-01-05 12:15 修改: 2024-05-17 01:17
ms CVE-2017-20162 中危 0.7.1 2.0.0 Vercel ms Inefficient Regular Expression Complexity vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20162

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-01-05 12:15 修改: 2024-05-17 01:17
ms CVE-2017-20162 中危 0.7.2 2.0.0 Vercel ms Inefficient Regular Expression Complexity vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20162

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-01-05 12:15 修改: 2024-05-17 01:17
jose CVE-2024-28176 中危 4.14.6 4.15.5, 2.0.7 jose: resource exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28176

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-03-09 01:15 修改: 2024-03-30 04:15
send CVE-2024-43799 中危 0.13.0 0.19.0 send: Code Execution Vulnerability in Send Library

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43799

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:57
send CVE-2024-43799 中危 0.13.2 0.19.0 send: Code Execution Vulnerability in Send Library

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43799

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:57
send CVE-2024-43799 中危 0.18.0 0.19.0 send: Code Execution Vulnerability in Send Library

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43799

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:57
send CVE-2024-43799 中危 0.18.0 0.19.0 send: Code Execution Vulnerability in Send Library

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43799

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:57
serve-static CVE-2024-43800 中危 1.10.0 1.16.0, 2.1.0 serve-static: Improper Sanitization in serve-static

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43800

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-10 15:15 修改: 2024-09-20 17:36
serve-static CVE-2024-43800 中危 1.10.3 1.16.0, 2.1.0 serve-static: Improper Sanitization in serve-static

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43800

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-10 15:15 修改: 2024-09-20 17:36
serve-static CVE-2024-43800 中危 1.15.0 1.16.0, 2.1.0 serve-static: Improper Sanitization in serve-static

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43800

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-10 15:15 修改: 2024-09-20 17:36
tar CVE-2024-28863 中危 4.4.19 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:735ac59e98e5c4accbde9b26d249c33efe44fcc15979e7e419457cacde9f2ccc

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
tar CVE-2024-28863 中危 4.4.19 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
tar CVE-2024-28863 中危 4.4.19 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:d45072afcccf7d6aac0d446fb8937f57c348f8334f446b42febc5758782ac73e

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
tar CVE-2024-28863 中危 6.1.11 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
tar CVE-2024-28863 中危 6.1.13 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
tough-cookie CVE-2023-26136 中危 2.5.0 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
tough-cookie CVE-2023-26136 中危 2.5.0 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:d45072afcccf7d6aac0d446fb8937f57c348f8334f446b42febc5758782ac73e

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
tough-cookie CVE-2023-26136 中危 4.1.2 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
express CVE-2024-43796 中危 4.18.2 4.20.0, 5.0.0 express: Improper Input Handling in Express Redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43796

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:07
fast-xml-parser CVE-2023-26920 中危 3.21.1 4.1.2 fast-xml-parser vulnerable to Prototype Pollution through tag or attribute name

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26920

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-12-12 17:15 修改: 2023-12-14 20:41
jsonpointer CVE-2021-23807 中危 4.1.0 5.0.0 nodejs-jsonpointer: type confusion vulnerability can lead to a bypass of a previous prototype pollution fix when the pointer components are arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23807

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2021-11-03 18:15 修改: 2021-11-05 18:08
fast-xml-parser CVE-2023-26920 中危 4.0.11 4.1.2 fast-xml-parser vulnerable to Prototype Pollution through tag or attribute name

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26920

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-12-12 17:15 修改: 2023-12-14 20:41
word-wrap CVE-2023-26115 中危 1.2.3 1.2.4 word-wrap: ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26115

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2023-06-22 05:15 修改: 2024-06-21 19:15
jsonwebtoken CVE-2022-23540 中危 8.5.1 9.0.0 jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23540

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-12-22 19:15 修改: 2024-06-21 19:15
jsonwebtoken CVE-2022-23541 中危 8.5.1 9.0.0 jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23541

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2022-12-22 18:15 修改: 2024-06-21 19:15
follow-redirects CVE-2023-26159 中危 1.15.2 1.15.4 follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26159

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-01-02 05:15 修改: 2024-01-23 03:15
katex CVE-2024-28243 中危 0.16.9 0.16.10 KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28243

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-03-25 20:15 修改: 2024-03-26 12:55
cookie CVE-2024-47764 低危 0.4.1 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
cookie CVE-2024-47764 低危 0.5.0 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
ip CVE-2023-42282 低危 1.1.5 2.0.1, 1.1.9 nodejs-ip: arbitrary code execution via the isPublic() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282

镜像层: sha256:d45072afcccf7d6aac0d446fb8937f57c348f8334f446b42febc5758782ac73e

发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14
debug CVE-2017-16137 低危 2.2.0 2.6.9, 3.1.0, 3.2.7, 4.3.1 nodejs-debug: Regular expression Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16137

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2018-06-07 02:29 修改: 2023-11-07 02:40
node-forge GHSA-5rrq-pxf6-6jx5 低危 0.7.6 1.0.0 Prototype Pollution in node-forge debug API.

漏洞详情: https://github.com/advisories/GHSA-5rrq-pxf6-6jx5

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
node-forge GHSA-gf8q-jrpm-jvxq 低危 0.7.6 1.0.0 URL parsing in node-forge could lead to undesired behavior.

漏洞详情: https://github.com/advisories/GHSA-gf8q-jrpm-jvxq

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
node-forge GHSA-wxgw-qj99-44c2 低危 0.7.6 0.10.0 Prototype Pollution in node-forge util.setPath API

漏洞详情: https://github.com/advisories/GHSA-wxgw-qj99-44c2

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
debug CVE-2017-16137 低危 2.2.0 2.6.9, 3.1.0, 3.2.7, 4.3.1 nodejs-debug: Regular expression Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16137

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2018-06-07 02:29 修改: 2023-11-07 02:40
ip CVE-2023-42282 低危 2.0.0 2.0.1, 1.1.9 nodejs-ip: arbitrary code execution via the isPublic() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14
ip CVE-2023-42282 低危 2.0.0 2.0.1, 1.1.9 nodejs-ip: arbitrary code execution via the isPublic() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14
debug CVE-2017-16137 低危 4.1.1 2.6.9, 3.1.0, 3.2.7, 4.3.1 nodejs-debug: Regular expression Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16137

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2018-06-07 02:29 修改: 2023-11-07 02:40
cookie CVE-2024-47764 低危 0.1.3 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
cookie CVE-2024-47764 低危 0.1.3 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
elliptic CVE-2024-42459 低危 6.5.4 6.5.7 elliptic: nodejs/elliptic: EDDSA signature malleability due to missing signature length check

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42459

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-08-02 07:16 修改: 2024-08-02 15:35
elliptic CVE-2024-42460 低危 6.5.4 6.5.7 elliptic: nodejs/elliptic: ECDSA signature malleability due to missing checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42460

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-08-02 07:16 修改: 2024-08-02 16:35
elliptic CVE-2024-42461 低危 6.5.4 6.5.7 elliptic: nodejs/elliptic: ECDSA implementation malleability due to BER-enconded signatures being allowed

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42461

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-08-02 07:16 修改: 2024-08-16 16:51
elliptic CVE-2024-48948 低危 6.5.4 elliptic: ECDSA signature verification error may reject legitimate transactions

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-48948

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-10-15 14:15 修改: 2024-10-16 16:38
elliptic CVE-2024-48949 低危 6.5.4 6.5.6 elliptic: Missing Validation in Elliptic's EDDSA Signature Verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-48949

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-10-10 01:15 修改: 2024-10-15 14:07
node-fetch CVE-2020-15168 低危 2.3.0 2.6.1, 3.0.0-beta.9 node-fetch: size of data after fetch() JS thread leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15168

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2020-09-10 19:15 修改: 2020-09-17 20:21
node-fetch CVE-2020-15168 低危 2.3.0 2.6.1, 3.0.0-beta.9 node-fetch: size of data after fetch() JS thread leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15168

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2020-09-10 19:15 修改: 2020-09-17 20:21
cookie CVE-2024-47764 低危 0.4.1 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:4e3a12e635f4c22f033664d4d0d39df970e435a3a9cdcf9c556b09e0d52f34cf

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
/app/bundle/programs/server/app/app.js ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息