| basic-ftp |
CVE-2026-27699 |
严重 |
5.0.5 |
5.2.0 |
basic-ftp: basic-ftp: File overwrite due to path traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27699
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-02-25 15:20 修改: 2026-02-26 15:27
|
| protobufjs |
CVE-2026-41242 |
严重 |
7.5.4 |
8.0.1, 7.5.5 |
protobufjs: protobufjs: Arbitrary code execution via injected protobuf definition type fields
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41242
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-04-18 17:16 修改: 2026-04-23 15:26
|
| basic-ftp |
CVE-2026-44240 |
高危 |
5.0.5 |
5.3.1 |
basic-ftp allows a malicious FTP server to cause client-side denial of service via unbounded multiline control response buffering
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44240
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-05-12 21:16 修改: 2026-05-12 21:16
|
| basic-ftp |
GHSA-6v7q-wjvx-w8wg |
高危 |
5.0.5 |
5.2.2 |
basic-ftp: Incomplete CRLF Injection Protection Allows Arbitrary FTP Command Execution via Credentials and MKD Commands
漏洞详情: https://github.com/advisories/GHSA-6v7q-wjvx-w8wg
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-04-10 20:18 修改: 2026-04-10 20:18
|
| http-cache-semantics |
CVE-2022-25881 |
高危 |
4.1.0 |
4.1.1 |
http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25881
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2023-01-31 05:15 修改: 2025-03-27 18:17
|
| ip |
CVE-2024-29415 |
高危 |
2.0.0 |
|
node-ip: Incomplete fix for CVE-2023-42282
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2024-05-27 20:15 修改: 2026-04-15 00:35
|
| jws |
CVE-2025-65945 |
高危 |
3.2.2 |
3.2.3, 4.0.1 |
node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-65945
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-12-04 19:16 修改: 2026-03-09 21:19
|
| lodash |
CVE-2026-4800 |
高危 |
4.17.21 |
4.18.0 |
lodash: lodash: Arbitrary code execution via untrusted input in template imports
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4800
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-31 20:16 修改: 2026-05-01 18:09
|
| lodash |
CVE-2026-4800 |
高危 |
4.17.21 |
4.18.0 |
lodash: lodash: Arbitrary code execution via untrusted input in template imports
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4800
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-03-31 20:16 修改: 2026-05-01 18:09
|
| minimatch |
CVE-2026-26996 |
高危 |
3.1.2 |
10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 |
minimatch: minimatch: Denial of Service via specially crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
|
| minimatch |
CVE-2026-26996 |
高危 |
3.1.2 |
10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 |
minimatch: minimatch: Denial of Service via specially crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
|
| minimatch |
CVE-2026-27903 |
高危 |
3.1.2 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 |
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
|
| minimatch |
CVE-2026-27903 |
高危 |
3.1.2 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 |
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
|
| minimatch |
CVE-2026-27904 |
高危 |
3.1.2 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 |
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
|
| minimatch |
CVE-2026-27904 |
高危 |
3.1.2 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 |
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
|
| minimatch |
CVE-2026-26996 |
高危 |
5.1.1 |
10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 |
minimatch: minimatch: Denial of Service via specially crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
|
| minimatch |
CVE-2026-27903 |
高危 |
5.1.1 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 |
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
|
| minimatch |
CVE-2026-27904 |
高危 |
5.1.1 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 |
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
|
| multer |
CVE-2025-47935 |
高危 |
1.4.5-lts.1 |
2.0.0 |
Multer vulnerable to Denial of Service via memory leaks from unclosed streams
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47935
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-05-19 20:15 修改: 2026-04-15 00:35
|
| multer |
CVE-2025-47944 |
高危 |
1.4.5-lts.1 |
2.0.0 |
Multer vulnerable to Denial of Service from maliciously crafted requests
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47944
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-05-19 20:15 修改: 2026-04-15 00:35
|
| multer |
CVE-2025-48997 |
高危 |
1.4.5-lts.1 |
2.0.1 |
multer: Multer vulnerable to Denial of Service via unhandled exception
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48997
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-06-03 19:15 修改: 2026-04-15 00:35
|
| multer |
CVE-2025-7338 |
高危 |
1.4.5-lts.1 |
2.0.2 |
multer: Multer Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7338
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-07-17 16:15 修改: 2026-04-15 00:35
|
| multer |
CVE-2026-2359 |
高危 |
1.4.5-lts.1 |
2.1.0 |
multer: Multer: Denial of Service via dropped file upload connections
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2359
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-02-27 16:16 修改: 2026-03-19 17:28
|
| multer |
CVE-2026-3304 |
高危 |
1.4.5-lts.1 |
2.1.0 |
multer: Multer: Denial of Service via malformed requests
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3304
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-02-27 16:16 修改: 2026-03-19 17:28
|
| multer |
CVE-2026-3520 |
高危 |
1.4.5-lts.1 |
2.1.1 |
multer: Multer: Denial of Service via malformed requests
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3520
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-04 17:16 修改: 2026-03-09 18:03
|
| nodemailer |
CVE-2025-14874 |
高危 |
6.9.16 |
7.0.11 |
nodemailer: Nodemailer: Denial of service via crafted email address header
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14874
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-12-18 09:15 修改: 2026-01-08 03:15
|
| path-to-regexp |
CVE-2026-4867 |
高危 |
0.1.12 |
0.1.13 |
path-to-regexp: path-to-regexp: Denial of Service via catastrophic backtracking from malformed URL parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4867
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-26 17:16 修改: 2026-04-16 18:01
|
| picomatch |
CVE-2026-33671 |
高危 |
2.3.1 |
4.0.4, 3.0.2, 2.3.2 |
picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33671
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:45
|
| picomatch |
CVE-2026-33671 |
高危 |
2.3.1 |
4.0.4, 3.0.2, 2.3.2 |
picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33671
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:45
|
| pnpm |
CVE-2023-37478 |
高危 |
8.3.1 |
7.33.4, 8.6.8 |
pnpm incorrectly parses tar archives relative to specification
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37478
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2023-08-01 12:15 修改: 2024-11-21 08:11
|
| pnpm |
CVE-2025-69262 |
高危 |
8.3.1 |
10.27.0 |
pnpm: pnpm: Remote code execution via command injection in tokenHelper environment variable substitution
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69262
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-01-07 23:15 修改: 2026-01-12 21:50
|
| pnpm |
CVE-2025-69263 |
高危 |
8.3.1 |
10.26.0 |
pnpm: pnpm Lockfile Integrity Bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69263
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-01-07 22:15 修改: 2026-01-12 21:52
|
| basic-ftp |
CVE-2026-41324 |
高危 |
5.0.5 |
5.3.0 |
basic-ftp: basic-ftp: Denial of Service via unbounded memory growth from malicious directory listings
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41324
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-04-24 04:16 修改: 2026-04-27 17:48
|
| protobufjs |
CVE-2026-44289 |
高危 |
7.5.4 |
7.5.6, 8.0.2 |
protobuf.js: Denial of service through unbounded protobuf recursion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44289
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| protobufjs |
CVE-2026-44290 |
高危 |
7.5.4 |
7.5.6, 8.0.2 |
protobuf.js: Process-wide denial of service through unsafe option paths
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44290
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| protobufjs |
CVE-2026-44291 |
高危 |
7.5.4 |
7.5.6, 8.0.2 |
protobuf.js: Code generation gadget after prototype pollution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44291
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| protobufjs |
CVE-2026-44293 |
高危 |
7.5.4 |
7.5.6, 8.0.2 |
protobuf.js: Code injection through bytes field defaults in generated toObject code
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44293
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| semver |
CVE-2022-25883 |
高危 |
7.3.8 |
7.5.2, 6.3.1, 5.7.2 |
nodejs-semver: Regular expression denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2023-06-21 05:15 修改: 2025-09-23 15:05
|
| sequelize |
CVE-2026-30951 |
高危 |
6.37.5 |
6.37.8 |
sequelize: Sequelize: Data exfiltration via SQL injection in JSON/JSONB where clause processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-30951
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-10 21:16 修改: 2026-03-18 19:16
|
| systeminformation |
CVE-2025-68154 |
高危 |
5.27.11 |
5.27.14 |
systeminformation: systeminformation: OS Command Injection in `fsSize()` allows arbitrary command execution on Windows.
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68154
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2025-12-16 19:16 修改: 2026-02-19 16:26
|
| systeminformation |
CVE-2026-26280 |
高危 |
5.27.11 |
5.30.8 |
systeminformation: systeminformation: Arbitrary command execution via unsanitized network interface parameter
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26280
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-02-19 20:25 修改: 2026-02-20 20:10
|
| systeminformation |
CVE-2026-26318 |
高危 |
5.27.11 |
5.31.0 |
systeminformation: systeminformation: Arbitrary code execution via unsanitized `locate` output
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26318
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-02-19 20:25 修改: 2026-02-20 19:51
|
| tar |
CVE-2026-23745 |
高危 |
6.1.13 |
7.5.3 |
node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-01-16 22:16 修改: 2026-02-18 16:20
|
| tar |
CVE-2026-23950 |
高危 |
6.1.13 |
7.5.4 |
node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-01-20 01:15 修改: 2026-02-18 15:50
|
| tar |
CVE-2026-24842 |
高危 |
6.1.13 |
7.5.7 |
node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-01-28 01:16 修改: 2026-02-02 14:30
|
| tar |
CVE-2026-26960 |
高危 |
6.1.13 |
7.5.8 |
node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-02-20 02:16 修改: 2026-02-20 19:24
|
| tar |
CVE-2026-29786 |
高危 |
6.1.13 |
7.5.10 |
node-tar: hardlink path traversal via drive-relative linkpath
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-03-07 16:15 修改: 2026-03-11 21:50
|
| tar |
CVE-2026-31802 |
高危 |
6.1.13 |
7.5.11 |
tar: tar: File overwrite via drive-relative symlink traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-03-10 07:44 修改: 2026-03-18 18:13
|
| tar |
CVE-2026-23745 |
高危 |
6.2.1 |
7.5.3 |
node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-01-16 22:16 修改: 2026-02-18 16:20
|
| tar |
CVE-2026-23950 |
高危 |
6.2.1 |
7.5.4 |
node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-01-20 01:15 修改: 2026-02-18 15:50
|
| tar |
CVE-2026-24842 |
高危 |
6.2.1 |
7.5.7 |
node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-01-28 01:16 修改: 2026-02-02 14:30
|
| tar |
CVE-2026-26960 |
高危 |
6.2.1 |
7.5.8 |
node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-02-20 02:16 修改: 2026-02-20 19:24
|
| tar |
CVE-2026-29786 |
高危 |
6.2.1 |
7.5.10 |
node-tar: hardlink path traversal via drive-relative linkpath
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-07 16:15 修改: 2026-03-11 21:50
|
| tar |
CVE-2026-31802 |
高危 |
6.2.1 |
7.5.11 |
tar: tar: File overwrite via drive-relative symlink traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-10 07:44 修改: 2026-03-18 18:13
|
| undici |
CVE-2026-1526 |
高危 |
7.9.0 |
6.24.0, 7.24.0 |
undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1526
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-12 21:16 修改: 2026-03-20 15:56
|
| undici |
CVE-2026-1528 |
高危 |
7.9.0 |
6.24.0, 7.24.0 |
undici: undici: Denial of Service via crafted WebSocket frame with large length
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1528
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-12 21:16 修改: 2026-03-20 15:41
|
| undici |
CVE-2026-2229 |
高危 |
7.9.0 |
6.24.0, 7.24.0 |
undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2229
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-12 21:16 修改: 2026-03-20 15:39
|
| validator |
CVE-2025-12758 |
高危 |
13.12.0 |
13.15.22 |
Validator is Vulnerable to Incomplete Filtering of One or More Instances of Special Elements
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12758
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-11-27 05:16 修改: 2026-01-29 23:16
|
| pnpm |
CVE-2026-24131 |
中危 |
8.3.1 |
10.28.2 |
pnpm: pnpm: Arbitrary file permission modification via directory traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24131
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-01-26 22:15 修改: 2026-01-28 17:05
|
| ip-address |
CVE-2026-42338 |
中危 |
9.0.5 |
10.1.1 |
ip-address has XSS in Address6 HTML-emitting methods
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-05-12 20:16 修改: 2026-05-12 20:16
|
| js-yaml |
CVE-2025-64718 |
中危 |
4.1.0 |
4.1.1, 3.14.2 |
js-yaml: js-yaml prototype pollution in merge
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64718
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-11-13 16:15 修改: 2026-02-02 12:54
|
| brace-expansion |
CVE-2026-33750 |
中危 |
1.1.11 |
5.0.5, 3.0.2, 2.0.3, 1.1.13 |
brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
|
| brace-expansion |
CVE-2026-33750 |
中危 |
2.0.1 |
5.0.5, 3.0.2, 2.0.3, 1.1.13 |
brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
|
| dottie |
CVE-2026-27837 |
中危 |
2.0.6 |
2.0.7 |
dottie.js: dottie.js: Unauthorized object modification via prototype pollution bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27837
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-02-26 01:16 修改: 2026-02-28 00:58
|
| protobufjs |
CVE-2026-44288 |
中危 |
7.5.4 |
7.5.6, 8.0.2 |
protobufjs has overlong UTF-8 decoding
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44288
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| protobufjs |
CVE-2026-44292 |
中危 |
7.5.4 |
7.5.6, 8.0.2 |
protobuf.js: Prototype injection in generated message constructors
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44292
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| protobufjs |
CVE-2026-44294 |
中危 |
7.5.4 |
7.5.6, 8.0.2 |
protobuf.js: Denial of service from crafted field names in generated code
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44294
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| qs |
CVE-2025-15284 |
中危 |
6.13.0 |
6.14.1 |
qs: qs: Denial of Service via improper input validation in array parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15284
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-12-29 23:15 修改: 2026-02-26 19:57
|
| lodash |
CVE-2025-13465 |
中危 |
4.17.21 |
4.17.23 |
lodash: prototype pollution in _.unset and _.omit functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13465
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-01-21 20:16 修改: 2026-02-17 17:10
|
| lodash |
CVE-2025-13465 |
中危 |
4.17.21 |
4.17.23 |
lodash: prototype pollution in _.unset and _.omit functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13465
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-01-21 20:16 修改: 2026-02-17 17:10
|
| lodash |
CVE-2026-2950 |
中危 |
4.17.21 |
4.18.0 |
lodash: Lodash: Prototype pollution allows deletion of built-in prototype properties via array path bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2950
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-31 20:16 修改: 2026-04-07 16:12
|
| lodash |
CVE-2026-2950 |
中危 |
4.17.21 |
4.18.0 |
lodash: Lodash: Prototype pollution allows deletion of built-in prototype properties via array path bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2950
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-03-31 20:16 修改: 2026-04-07 16:12
|
| follow-redirects |
GHSA-r4q5-vmmm-2653 |
中危 |
1.15.11 |
1.16.0 |
follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets
漏洞详情: https://github.com/advisories/GHSA-r4q5-vmmm-2653
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-04-14 01:11 修改: 2026-04-14 01:11
|
| nodemailer |
CVE-2025-13033 |
中危 |
6.9.16 |
7.0.7 |
nodemailer: Nodemailer: Email to an unintended domain can occur due to Interpretation Conflict
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13033
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-11-14 20:15 修改: 2026-05-11 13:16
|
| nodemailer |
GHSA-vvjj-xcjg-gr5g |
中危 |
6.9.16 |
8.0.5 |
Nodemailer Vulnerable to SMTP Command Injection via CRLF in Transport name Option (EHLO/HELO)
漏洞详情: https://github.com/advisories/GHSA-vvjj-xcjg-gr5g
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-04-08 15:05 修改: 2026-04-08 15:05
|
| follow-redirects |
GHSA-r4q5-vmmm-2653 |
中危 |
1.15.9 |
1.16.0 |
follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets
漏洞详情: https://github.com/advisories/GHSA-r4q5-vmmm-2653
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-04-14 01:11 修改: 2026-04-14 01:11
|
| @protobufjs/utf8 |
CVE-2026-44288 |
中危 |
1.1.0 |
1.1.1 |
protobufjs has overlong UTF-8 decoding
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44288
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| http-proxy-middleware |
CVE-2025-32996 |
中危 |
3.0.3 |
2.0.8, 3.0.4 |
http-proxy-middleware: Always-Incorrect Control Flow Implementation in http-proxy-middleware
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32996
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-04-15 03:15 修改: 2025-10-21 14:43
|
| picomatch |
CVE-2026-33672 |
中危 |
2.3.1 |
4.0.4, 3.0.2, 2.3.2 |
picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33672
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:44
|
| tar |
CVE-2024-28863 |
中危 |
6.1.13 |
6.2.1 |
node-tar: denial of service while parsing a tar file due to lack of folders depth validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2024-03-21 23:15 修改: 2025-12-16 17:25
|
| picomatch |
CVE-2026-33672 |
中危 |
2.3.1 |
4.0.4, 3.0.2, 2.3.2 |
picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33672
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:44
|
| http-proxy-middleware |
CVE-2025-32997 |
中危 |
3.0.3 |
2.0.9, 3.0.5 |
http-proxy-middleware: Improper Check for Unusual or Exceptional Conditions in http-proxy-middleware
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32997
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-04-15 03:15 修改: 2025-10-21 14:42
|
| brace-expansion |
CVE-2026-33750 |
中危 |
1.1.11 |
5.0.5, 3.0.2, 2.0.3, 1.1.13 |
brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
|
| ip-address |
CVE-2026-42338 |
中危 |
10.1.0 |
10.1.1 |
ip-address has XSS in Address6 HTML-emitting methods
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-05-12 20:16 修改: 2026-05-12 20:16
|
| pnpm |
CVE-2024-47829 |
中危 |
8.3.1 |
10.0.0 |
pnpm: pnpm uses the md5 path shortening function causes packet paths to coincide, which causes indirect packet overwriting
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47829
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2025-04-23 16:15 修改: 2025-09-19 20:08
|
| pnpm |
CVE-2024-53866 |
中危 |
8.3.1 |
9.15.0 |
pnpm no-script global cache poisoning via overrides / `ignore-scripts` evasion
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-53866
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2024-12-10 18:15 修改: 2025-09-22 18:03
|
| pnpm |
CVE-2026-23888 |
中危 |
8.3.1 |
10.28.1 |
pnpm: pnpm: Arbitrary file write via path traversal in binary fetcher leading to remote code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23888
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-01-26 22:15 修改: 2026-01-28 17:47
|
| pnpm |
CVE-2026-23889 |
中危 |
8.3.1 |
10.28.1 |
pnpm: pnpm: Arbitrary file write via path traversal on Windows
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23889
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-01-26 22:15 修改: 2026-01-28 17:33
|
| pnpm |
CVE-2026-23890 |
中危 |
8.3.1 |
10.28.1 |
pnpm: pnpm: Arbitrary code execution via path traversal in bin linking
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23890
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-01-26 22:15 修改: 2026-01-28 17:32
|
| undici |
CVE-2026-1525 |
中危 |
7.9.0 |
6.24.0, 7.24.0 |
undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1525
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-12 20:16 修改: 2026-03-19 17:29
|
| undici |
CVE-2026-1527 |
中危 |
7.9.0 |
6.24.0, 7.24.0 |
undici: Undici: HTTP header injection and request smuggling vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1527
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-12 21:16 修改: 2026-03-20 15:49
|
| undici |
CVE-2026-22036 |
中危 |
7.9.0 |
7.18.2, 6.23.0 |
undici: Undici: Denial of Service via excessive decompression steps
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22036
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-01-14 19:16 修改: 2026-01-22 21:15
|
| uuid |
CVE-2026-41907 |
中危 |
11.0.3 |
11.1.1, 12.0.1, 13.0.1 |
uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41907
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-04-24 19:17 修改: 2026-05-11 13:53
|
| pnpm |
CVE-2026-24056 |
中危 |
8.3.1 |
10.28.2 |
pnpm: pnpm symlink traversal in file:/git dependencies
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24056
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-01-26 22:15 修改: 2026-01-28 17:27
|
| validator |
CVE-2025-56200 |
中危 |
13.12.0 |
13.15.20 |
validator.js has a URL validation bypass vulnerability in its isURL function
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-56200
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-09-30 18:15 修改: 2025-10-18 01:48
|
| brace-expansion |
CVE-2025-5889 |
低危 |
1.1.11 |
2.0.2, 1.1.12, 3.0.1, 4.0.1 |
brace-expansion: juliangruber brace-expansion index.js expand redos
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5889
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2025-06-09 19:15 修改: 2026-04-29 01:00
|
| @tootallnate/once |
CVE-2026-3449 |
低危 |
1.1.2 |
3.0.1 |
@tootallnate/once: @tootallnate/once: Denial of Service due to incorrect control flow scoping with AbortSignal
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3449
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-03 05:17 修改: 2026-04-29 01:00
|
| brace-expansion |
CVE-2025-5889 |
低危 |
2.0.1 |
2.0.2, 1.1.12, 3.0.1, 4.0.1 |
brace-expansion: juliangruber brace-expansion index.js expand redos
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5889
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2025-06-09 19:15 修改: 2026-04-29 01:00
|
| diff |
CVE-2026-24001 |
低危 |
4.0.2 |
8.0.3, 5.2.2, 4.0.4, 3.5.1 |
jsdiff: denial of service vulnerability in parsePatch and applyPatch
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24001
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-01-22 03:15 修改: 2026-03-04 15:23
|
| @tootallnate/once |
CVE-2026-3449 |
低危 |
2.0.0 |
3.0.1 |
@tootallnate/once: @tootallnate/once: Denial of Service due to incorrect control flow scoping with AbortSignal
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3449
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2026-03-03 05:17 修改: 2026-04-29 01:00
|
| qs |
CVE-2026-2391 |
低危 |
6.13.0 |
6.14.2 |
qs: qs's arrayLimit bypass in comma parsing allows denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2391
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-02-12 05:17 修改: 2026-02-24 20:13
|
| pm2 |
CVE-2025-5891 |
低危 |
6.0.14 |
|
pm2 Regular Expression Denial of Service vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5891
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2025-06-09 19:15 修改: 2026-04-29 01:00
|
| ip |
CVE-2023-42282 |
低危 |
2.0.0 |
2.0.1, 1.1.9 |
nodejs-ip: arbitrary code execution via the isPublic() function
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282
镜像层: sha256:9a985ff92013c29a334c8731449385a2d3832f94b18ad1a01fb31d13d3f2b490
发布日期: 2024-02-08 17:15 修改: 2025-05-15 20:15
|
| brace-expansion |
CVE-2025-5889 |
低危 |
1.1.11 |
2.0.2, 1.1.12, 3.0.1, 4.0.1 |
brace-expansion: juliangruber brace-expansion index.js expand redos
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5889
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-06-09 19:15 修改: 2026-04-29 01:00
|
| nodemailer |
GHSA-c7w3-x93f-qmm8 |
低危 |
6.9.16 |
8.0.4 |
Nodemailer has SMTP command injection due to unsanitized `envelope.size` parameter
漏洞详情: https://github.com/advisories/GHSA-c7w3-x93f-qmm8
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2026-03-26 22:26 修改: 2026-03-26 22:26
|
| on-headers |
CVE-2025-7339 |
低危 |
1.0.2 |
1.1.0 |
on-headers: on-headers vulnerable to http response header manipulation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7339
镜像层: sha256:fe5f94572b54ebdd2492a6ac610a6be6c904b39f710efc432a3f247749832dde
发布日期: 2025-07-17 16:15 修改: 2026-04-15 00:35
|