| babel-traverse |
CVE-2023-45133 |
严重 |
6.26.0 |
7.23.2 |
babel: arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45133
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-10-12 17:15 修改: 2023-10-24 16:52
|
| deep-extend |
CVE-2018-3750 |
严重 |
0.4.2 |
0.5.1 |
nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-3750
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2018-07-03 21:29 修改: 2018-08-23 13:12
|
| ejs |
CVE-2022-29078 |
严重 |
2.5.8 |
3.1.7 |
ejs: server-side template injection in outputFunctionName
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29078
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-04-25 15:15 修改: 2023-08-08 14:22
|
| json-schema |
CVE-2021-3918 |
严重 |
0.2.3 |
0.4.0 |
nodejs-json-schema: Prototype pollution vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3918
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-11-13 09:15 修改: 2023-02-03 19:15
|
| loader-utils |
CVE-2022-37601 |
严重 |
1.1.0 |
2.0.3, 1.4.1 |
loader-utils: prototype pollution in function parseQuery in parseQuery.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37601
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-10-12 20:15 修改: 2023-02-28 15:02
|
| lodash |
CVE-2019-10744 |
严重 |
4.17.5 |
4.17.12 |
nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10744
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-07-26 00:15 修改: 2024-01-21 02:45
|
| macaddress |
CVE-2018-13797 |
严重 |
0.2.8 |
0.2.9 |
nodejs-macaddress: improper input validation leading to command injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-13797
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2018-07-10 12:29 修改: 2019-10-03 00:03
|
| macaddress |
NSWG-ECO-427 |
严重 |
0.2.8 |
|
Command Injection - Generic
漏洞详情: https://hackerone.com/reports/319467
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| minimist |
CVE-2021-44906 |
严重 |
0.0.8 |
1.2.6, 0.2.4 |
minimist: prototype pollution
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44906
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-03-17 16:15 修改: 2024-06-21 19:15
|
| minimist |
CVE-2021-44906 |
严重 |
0.1.0 |
1.2.6, 0.2.4 |
minimist: prototype pollution
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44906
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-03-17 16:15 修改: 2024-06-21 19:15
|
| minimist |
CVE-2021-44906 |
严重 |
1.2.0 |
1.2.6, 0.2.4 |
minimist: prototype pollution
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44906
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-03-17 16:15 修改: 2024-06-21 19:15
|
| minimist |
CVE-2021-44906 |
严重 |
1.2.0 |
1.2.6, 0.2.4 |
minimist: prototype pollution
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44906
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-03-17 16:15 修改: 2024-06-21 19:15
|
| mixin-deep |
CVE-2019-10746 |
严重 |
1.3.1 |
1.3.2, 2.0.1 |
nodejs-mixin-deep: prototype pollution in function mixin-deep
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10746
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-08-23 17:15 修改: 2023-11-07 03:02
|
| set-value |
CVE-2019-10747 |
严重 |
0.4.3 |
2.0.1, 3.0.1 |
nodejs-set-value: prototype pollution in function set-value
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10747
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-08-23 17:15 修改: 2023-11-07 03:02
|
| set-value |
CVE-2019-10747 |
严重 |
2.0.0 |
2.0.1, 3.0.1 |
nodejs-set-value: prototype pollution in function set-value
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10747
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-08-23 17:15 修改: 2023-11-07 03:02
|
| underscore |
CVE-2021-23358 |
严重 |
1.6.0 |
1.12.1 |
nodejs-underscore: Arbitrary code execution via the template function
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23358
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-03-29 14:15 修改: 2023-11-07 03:30
|
| ansi-regex |
CVE-2021-3807 |
高危 |
3.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| ansi-regex |
CVE-2021-3807 |
高危 |
3.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| elliptic |
CVE-2020-13822 |
高危 |
6.4.0 |
6.5.3 |
nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13822
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-06-04 15:15 修改: 2024-10-16 13:45
|
| hawk |
CVE-2022-29167 |
高危 |
3.1.3 |
9.0.1 |
hawk: REDoS in hawk.utils.parseHost() when parsing Host header
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29167
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-05-05 23:15 修改: 2023-07-21 16:42
|
| hoek |
CVE-2020-36604 |
高危 |
2.16.3 |
|
hapi/hoek: Prototype Pollution in @hapi/hoek
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36604
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-09-23 06:15 修改: 2023-11-07 03:22
|
| http-cache-semantics |
CVE-2022-25881 |
高危 |
3.8.1 |
4.1.1 |
http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25881
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-01-31 05:15 修改: 2023-11-07 03:44
|
| ini |
CVE-2020-7788 |
高危 |
1.3.5 |
1.3.6 |
nodejs-ini: Prototype pollution via malicious INI file
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7788
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-12-11 11:15 修改: 2022-12-02 19:40
|
| is-svg |
CVE-2021-28092 |
高危 |
2.1.0 |
4.2.2 |
nodejs-is-svg: ReDoS via malicious string
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28092
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-03-12 22:15 修改: 2023-08-08 14:22
|
| is-svg |
CVE-2021-29059 |
高危 |
2.1.0 |
4.3.0 |
nodejs-is-svg: Regular expression denial of service if the application is provided and checks a crafted invalid SVG string
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29059
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-06-21 16:15 修改: 2021-11-04 14:17
|
| js-yaml |
GHSA-8j8c-7jfh-h6hx |
高危 |
3.11.0 |
3.13.1 |
Code Injection in js-yaml
漏洞详情: https://github.com/advisories/GHSA-8j8c-7jfh-h6hx
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| js-yaml |
GHSA-8j8c-7jfh-h6hx |
高危 |
3.7.0 |
3.13.1 |
Code Injection in js-yaml
漏洞详情: https://github.com/advisories/GHSA-8j8c-7jfh-h6hx
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| ansi-regex |
CVE-2021-3807 |
高危 |
3.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| json5 |
CVE-2022-46175 |
高危 |
0.5.1 |
2.2.2, 1.0.2 |
json5: Prototype Pollution in JSON5 via Parse Method
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46175
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-12-24 04:15 修改: 2023-11-26 01:15
|
| kind-of |
CVE-2019-20149 |
高危 |
6.0.2 |
6.0.3 |
nodejs-kind-of: ctorName in index.js allows external user input to overwrite certain internal attributes
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20149
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-12-30 19:15 修改: 2020-08-24 17:37
|
| kind-of |
CVE-2019-20149 |
高危 |
6.0.2 |
6.0.3 |
nodejs-kind-of: ctorName in index.js allows external user input to overwrite certain internal attributes
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20149
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-12-30 19:15 修改: 2020-08-24 17:37
|
| kind-of |
CVE-2019-20149 |
高危 |
6.0.2 |
6.0.3 |
nodejs-kind-of: ctorName in index.js allows external user input to overwrite certain internal attributes
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20149
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-12-30 19:15 修改: 2020-08-24 17:37
|
| kind-of |
CVE-2019-20149 |
高危 |
6.0.2 |
6.0.3 |
nodejs-kind-of: ctorName in index.js allows external user input to overwrite certain internal attributes
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20149
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-12-30 19:15 修改: 2020-08-24 17:37
|
| kind-of |
CVE-2019-20149 |
高危 |
6.0.2 |
6.0.3 |
nodejs-kind-of: ctorName in index.js allows external user input to overwrite certain internal attributes
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20149
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-12-30 19:15 修改: 2020-08-24 17:37
|
| kind-of |
CVE-2019-20149 |
高危 |
6.0.2 |
6.0.3 |
nodejs-kind-of: ctorName in index.js allows external user input to overwrite certain internal attributes
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20149
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-12-30 19:15 修改: 2020-08-24 17:37
|
| kind-of |
CVE-2019-20149 |
高危 |
6.0.2 |
6.0.3 |
nodejs-kind-of: ctorName in index.js allows external user input to overwrite certain internal attributes
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20149
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-12-30 19:15 修改: 2020-08-24 17:37
|
| ansi-regex |
CVE-2021-3807 |
高危 |
3.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| loader-utils |
CVE-2022-37599 |
高危 |
1.1.0 |
1.4.2, 2.0.4, 3.2.1 |
loader-utils: regular expression denial of service in interpolateName.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37599
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-10-11 19:15 修改: 2024-02-28 03:15
|
| loader-utils |
CVE-2022-37603 |
高危 |
1.1.0 |
1.4.2, 2.0.4, 3.2.1 |
loader-utils: Regular expression denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37603
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-10-14 16:15 修改: 2023-11-07 03:49
|
| ansi-regex |
CVE-2021-3807 |
高危 |
3.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| lodash |
CVE-2018-16487 |
高危 |
4.17.5 |
>=4.17.11 |
lodash: Prototype pollution in utilities function
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16487
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-02-01 18:29 修改: 2020-09-18 16:38
|
| lodash |
CVE-2020-8203 |
高危 |
4.17.5 |
4.17.19 |
nodejs-lodash: prototype pollution in zipObjectDeep function
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8203
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-07-15 17:15 修改: 2024-01-21 02:37
|
| lodash |
CVE-2021-23337 |
高危 |
4.17.5 |
4.17.21 |
nodejs-lodash: command injection via template
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23337
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-02-15 13:15 修改: 2022-09-13 21:25
|
| async |
CVE-2021-43138 |
高危 |
2.6.0 |
3.2.2, 2.6.4 |
async: Prototype Pollution in async
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43138
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-04-06 17:15 修改: 2024-06-21 19:15
|
| acorn |
GHSA-6chw-6frg-f759 |
高危 |
5.5.3 |
5.7.4, 6.4.1, 7.1.1 |
Regular Expression Denial of Service in Acorn
漏洞详情: https://github.com/advisories/GHSA-6chw-6frg-f759
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| minimatch |
CVE-2022-3517 |
高危 |
3.0.4 |
3.0.5 |
nodejs-minimatch: ReDoS via the braceExpand function
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51
|
| braces |
CVE-2024-4068 |
高危 |
1.8.5 |
3.0.3 |
braces: fails to limit the number of characters it can handle
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
|
| braces |
CVE-2024-4068 |
高危 |
1.8.5 |
3.0.3 |
braces: fails to limit the number of characters it can handle
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
|
| braces |
CVE-2024-4068 |
高危 |
1.8.5 |
3.0.3 |
braces: fails to limit the number of characters it can handle
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
|
| braces |
CVE-2024-4068 |
高危 |
2.3.2 |
3.0.3 |
braces: fails to limit the number of characters it can handle
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
|
| browserify-sign |
CVE-2023-46234 |
高危 |
4.0.4 |
4.2.2 |
browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46234
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-10-26 15:15 修改: 2024-02-28 03:15
|
| node-fetch |
CVE-2022-0235 |
高危 |
1.7.3 |
3.1.1, 2.6.7 |
node-fetch: exposure of sensitive information to an unauthorized actor
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0235
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-01-16 17:15 修改: 2023-02-03 19:16
|
| qs |
CVE-2022-24999 |
高危 |
6.4.0 |
6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 |
express: "qs" prototype poisoning causes the hang of the node process
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
|
| semver |
CVE-2022-25883 |
高危 |
5.5.0 |
7.5.2, 6.3.1, 5.7.2 |
nodejs-semver: Regular expression denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-06-21 05:15 修改: 2024-12-06 17:15
|
| serialize-javascript |
CVE-2020-7660 |
高危 |
1.5.0 |
3.1.0 |
npm-serialize-javascript: allows remote attackers to inject arbitrary code via the function deleteFunctions within index.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7660
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-06-01 15:15 修改: 2020-06-08 16:35
|
| cross-spawn |
CVE-2024-21538 |
高危 |
5.1.0 |
7.0.5, 6.0.6 |
cross-spawn: regular expression denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15
|
| set-value |
CVE-2021-23440 |
高危 |
0.4.3 |
4.0.1, 2.0.1, 3.0.3 |
nodejs-set-value: type confusion allows bypass of CVE-2019-10747
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23440
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-09-12 13:15 修改: 2022-03-29 16:39
|
| cross-spawn |
CVE-2024-21538 |
高危 |
6.0.5 |
7.0.5, 6.0.6 |
cross-spawn: regular expression denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15
|
| set-value |
CVE-2021-23440 |
高危 |
2.0.0 |
4.0.1, 2.0.1, 3.0.3 |
nodejs-set-value: type confusion allows bypass of CVE-2019-10747
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23440
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-09-12 13:15 修改: 2022-03-29 16:39
|
| shelljs |
CVE-2022-0144 |
高危 |
0.8.1 |
0.8.5 |
nodejs-shelljs: improper privilege management
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0144
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-01-11 07:15 修改: 2022-02-09 14:17
|
| ssri |
CVE-2021-27290 |
高危 |
5.3.0 |
6.0.2, 7.1.1, 8.0.1 |
nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27290
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-03-12 22:15 修改: 2022-05-13 20:51
|
| ua-parser-js |
CVE-2020-7733 |
高危 |
0.7.17 |
0.7.22 |
nodejs-ua-parser-js: Regular expression denial of service via the regex
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7733
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-09-16 14:15 修改: 2022-10-07 18:37
|
| ua-parser-js |
CVE-2020-7793 |
高危 |
0.7.17 |
0.7.23 |
nodejs-ua-parser-js: ReDoS in multiple regexes
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7793
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-12-11 14:15 修改: 2022-09-13 21:23
|
| ua-parser-js |
CVE-2021-27292 |
高危 |
0.7.17 |
0.7.24 |
nodejs-ua-parser-js: ReDoS via malicious User-Agent header
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27292
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-03-17 13:15 修改: 2021-03-23 20:21
|
| ua-parser-js |
CVE-2022-25927 |
高危 |
0.7.17 |
0.7.33, 1.0.33 |
ua-parser-js: ReDoS vulnerability via the trim() function
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25927
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-01-26 21:15 修改: 2023-11-07 03:44
|
| decode-uri-component |
CVE-2022-38900 |
高危 |
0.2.0 |
0.2.1 |
decode-uri-component: improper input validation resulting in DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38900
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-11-28 13:15 修改: 2023-11-07 03:50
|
| y18n |
CVE-2020-7774 |
高危 |
3.2.1 |
3.2.2, 4.0.1, 5.0.5 |
nodejs-y18n: prototype pollution vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7774
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-11-17 13:15 修改: 2022-12-02 19:40
|
| y18n |
CVE-2020-7774 |
高危 |
4.0.0 |
3.2.2, 4.0.1, 5.0.5 |
nodejs-y18n: prototype pollution vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7774
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-11-17 13:15 修改: 2022-12-02 19:40
|
| minimist |
CVE-2020-7598 |
中危 |
0.0.8 |
0.2.1, 1.2.3 |
nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7598
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-03-11 23:15 修改: 2022-04-22 19:02
|
| ajv |
CVE-2020-15366 |
中危 |
6.3.0 |
6.12.3 |
nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15366
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-07-15 20:15 修改: 2024-06-21 19:15
|
| minimist |
CVE-2020-7598 |
中危 |
0.1.0 |
0.2.1, 1.2.3 |
nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7598
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-03-11 23:15 修改: 2022-04-22 19:02
|
| ajv |
CVE-2020-15366 |
中危 |
4.11.8 |
6.12.3 |
nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15366
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-07-15 20:15 修改: 2024-06-21 19:15
|
| ajv |
CVE-2020-15366 |
中危 |
5.5.2 |
6.12.3 |
nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15366
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-07-15 20:15 修改: 2024-06-21 19:15
|
| minimist |
CVE-2020-7598 |
中危 |
1.2.0 |
0.2.1, 1.2.3 |
nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7598
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-03-11 23:15 修改: 2022-04-22 19:02
|
| minimist |
CVE-2020-7598 |
中危 |
1.2.0 |
0.2.1, 1.2.3 |
nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7598
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-03-11 23:15 修改: 2022-04-22 19:02
|
| ejs |
CVE-2024-33883 |
中危 |
2.5.8 |
3.1.10 |
The ejs (aka Embedded JavaScript templates) package before 3.1.10 for ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33883
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-04-28 16:15 修改: 2024-08-01 13:52
|
| color-string |
CVE-2021-29060 |
中危 |
0.3.0 |
1.5.5 |
nodejs-color-string: Regular expression denial of service when the application is provided and checks a crafted invalid HWB string
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29060
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-06-21 16:15 修改: 2021-07-01 14:57
|
| path-parse |
CVE-2021-23343 |
中危 |
1.0.5 |
1.0.7 |
nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23343
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-05-04 09:15 修改: 2023-11-07 03:30
|
| postcss |
CVE-2021-23382 |
中危 |
5.2.18 |
8.2.13, 7.0.36 |
nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23382
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-04-26 16:15 修改: 2023-08-08 14:22
|
| postcss |
CVE-2023-44270 |
中危 |
5.2.18 |
8.4.31 |
PostCSS: Improper input validation in PostCSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44270
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-09-29 22:15 修改: 2023-10-10 17:19
|
| postcss |
CVE-2021-23382 |
中危 |
6.0.21 |
8.2.13, 7.0.36 |
nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23382
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-04-26 16:15 修改: 2023-08-08 14:22
|
| postcss |
CVE-2021-23382 |
中危 |
6.0.21 |
8.2.13, 7.0.36 |
nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23382
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-04-26 16:15 修改: 2023-08-08 14:22
|
| postcss |
CVE-2021-23382 |
中危 |
6.0.21 |
8.2.13, 7.0.36 |
nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23382
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-04-26 16:15 修改: 2023-08-08 14:22
|
| postcss |
CVE-2021-23382 |
中危 |
6.0.21 |
8.2.13, 7.0.36 |
nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23382
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-04-26 16:15 修改: 2023-08-08 14:22
|
| postcss |
CVE-2021-23382 |
中危 |
6.0.21 |
8.2.13, 7.0.36 |
nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23382
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-04-26 16:15 修改: 2023-08-08 14:22
|
| postcss |
CVE-2021-23382 |
中危 |
6.0.21 |
8.2.13, 7.0.36 |
nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23382
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-04-26 16:15 修改: 2023-08-08 14:22
|
| postcss |
CVE-2023-44270 |
中危 |
6.0.21 |
8.4.31 |
PostCSS: Improper input validation in PostCSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44270
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-09-29 22:15 修改: 2023-10-10 17:19
|
| postcss |
CVE-2023-44270 |
中危 |
6.0.21 |
8.4.31 |
PostCSS: Improper input validation in PostCSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44270
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-09-29 22:15 修改: 2023-10-10 17:19
|
| postcss |
CVE-2023-44270 |
中危 |
6.0.21 |
8.4.31 |
PostCSS: Improper input validation in PostCSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44270
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-09-29 22:15 修改: 2023-10-10 17:19
|
| postcss |
CVE-2023-44270 |
中危 |
6.0.21 |
8.4.31 |
PostCSS: Improper input validation in PostCSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44270
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-09-29 22:15 修改: 2023-10-10 17:19
|
| postcss |
CVE-2023-44270 |
中危 |
6.0.21 |
8.4.31 |
PostCSS: Improper input validation in PostCSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44270
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-09-29 22:15 修改: 2023-10-10 17:19
|
| postcss |
CVE-2023-44270 |
中危 |
6.0.21 |
8.4.31 |
PostCSS: Improper input validation in PostCSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44270
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-09-29 22:15 修改: 2023-10-10 17:19
|
| js-yaml |
GHSA-2pr6-76vf-7546 |
中危 |
3.11.0 |
3.13.0 |
Denial of Service in js-yaml
漏洞详情: https://github.com/advisories/GHSA-2pr6-76vf-7546
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| randomatic |
CVE-2017-16028 |
中危 |
1.1.7 |
3.0.0 |
Cryptographically Weak PRNG in randomatic
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16028
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2018-06-04 19:29 修改: 2019-10-09 23:24
|
| request |
CVE-2023-28155 |
中危 |
2.81.0 |
|
The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15
|
| elliptic |
CVE-2020-28498 |
中危 |
6.4.0 |
6.5.4 |
The package elliptic before 6.5.4 are vulnerable to Cryptographic Issu ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28498
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-02-02 19:15 修改: 2024-10-16 13:45
|
| js-yaml |
GHSA-2pr6-76vf-7546 |
中危 |
3.7.0 |
3.13.0 |
Denial of Service in js-yaml
漏洞详情: https://github.com/advisories/GHSA-2pr6-76vf-7546
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| serialize-javascript |
CVE-2019-16769 |
中危 |
1.5.0 |
2.1.1 |
npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16769
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-12-05 19:15 修改: 2020-01-17 13:42
|
| extend |
CVE-2018-16492 |
中危 |
3.0.1 |
3.0.2, 2.0.2 |
nodejs-extend: Prototype pollution can allow attackers to modify object properties
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16492
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-02-01 18:29 修改: 2019-10-09 23:36
|
| got |
CVE-2022-33987 |
中危 |
7.1.0 |
12.1.0, 11.8.5 |
nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-33987
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-06-18 21:15 修改: 2022-06-28 16:15
|
| lodash |
CVE-2019-1010266 |
中危 |
4.17.5 |
4.17.11 |
lodash: uncontrolled resource consumption in Data handler causing denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010266
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2019-07-17 21:15 修改: 2020-09-30 13:40
|
| lodash |
CVE-2020-28500 |
中危 |
4.17.5 |
4.17.21 |
nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28500
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-02-15 11:15 修改: 2022-09-13 21:18
|
| got |
CVE-2022-33987 |
中危 |
8.3.0 |
12.1.0, 11.8.5 |
nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-33987
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2022-06-18 21:15 修改: 2022-06-28 16:15
|
| shelljs |
GHSA-64g7-mvw6-v9qj |
中危 |
0.8.1 |
0.8.5 |
Improper Privilege Management in shelljs
漏洞详情: https://github.com/advisories/GHSA-64g7-mvw6-v9qj
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| ajv |
CVE-2020-15366 |
中危 |
5.5.2 |
6.12.3 |
nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15366
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-07-15 20:15 修改: 2024-06-21 19:15
|
| stringstream |
CVE-2018-21270 |
中危 |
0.0.5 |
0.0.6 |
nodejs-stringstream: out-of-bounds read leading to uninitialized memory exposure
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-21270
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-12-03 21:15 修改: 2021-02-16 14:35
|
| stringstream |
NSWG-ECO-422 |
中危 |
0.0.5 |
>=0.0.6 |
Out-of-bounds Read
漏洞详情: https://hackerone.com/reports/321670
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| tough-cookie |
CVE-2023-26136 |
中危 |
2.3.4 |
4.1.3 |
tough-cookie: prototype pollution in cookie memstore
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
|
| mem |
GHSA-4xcv-9jjx-gfj3 |
中危 |
1.1.0 |
4.0.0 |
Denial of Service in mem
漏洞详情: https://github.com/advisories/GHSA-4xcv-9jjx-gfj3
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| micromatch |
CVE-2024-4067 |
中危 |
2.3.11 |
4.0.8 |
micromatch: vulnerable to Regular Expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15
|
| micromatch |
CVE-2024-4067 |
中危 |
2.3.11 |
4.0.8 |
micromatch: vulnerable to Regular Expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15
|
| micromatch |
CVE-2024-4067 |
中危 |
2.3.11 |
4.0.8 |
micromatch: vulnerable to Regular Expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15
|
| micromatch |
CVE-2024-4067 |
中危 |
3.1.10 |
4.0.8 |
micromatch: vulnerable to Regular Expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15
|
| ajv |
CVE-2020-15366 |
中危 |
5.5.2 |
6.12.3 |
nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15366
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-07-15 20:15 修改: 2024-06-21 19:15
|
| hosted-git-info |
CVE-2021-23362 |
中危 |
2.6.0 |
2.8.9, 3.0.8 |
nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23362
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-03-23 17:15 修改: 2023-08-08 14:22
|
| yargs-parser |
CVE-2020-7608 |
中危 |
9.0.2 |
13.1.2, 15.0.1, 18.1.1, 5.0.1 |
nodejs-yargs-parser: prototype pollution vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7608
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-03-16 20:15 修改: 2022-11-15 16:40
|
| chownr |
CVE-2017-18869 |
低危 |
1.0.1 |
1.1.0 |
nodejs-chownr: TOCTOU vulnerability in `chownr` function in chownr.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18869
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2020-06-15 15:15 修改: 2020-06-17 19:51
|
| braces |
CVE-2018-1109 |
低危 |
1.8.5 |
2.3.1 |
nodejs-braces: Regular Expression Denial of Service (ReDoS) in lib/parsers.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1109
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-03-30 02:15 修改: 2023-11-07 02:55
|
| braces |
GHSA-g95f-p29q-9xw4 |
低危 |
1.8.5 |
2.3.1 |
Regular Expression Denial of Service in braces
漏洞详情: https://github.com/advisories/GHSA-g95f-p29q-9xw4
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| elliptic |
CVE-2024-42459 |
低危 |
6.4.0 |
6.5.7 |
elliptic: nodejs/elliptic: EDDSA signature malleability due to missing signature length check
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42459
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-08-02 07:16 修改: 2024-08-02 15:35
|
| elliptic |
CVE-2024-42460 |
低危 |
6.4.0 |
6.5.7 |
elliptic: nodejs/elliptic: ECDSA signature malleability due to missing checks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42460
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-08-02 07:16 修改: 2024-08-02 16:35
|
| elliptic |
CVE-2024-42461 |
低危 |
6.4.0 |
6.5.7 |
elliptic: nodejs/elliptic: ECDSA implementation malleability due to BER-enconded signatures being allowed
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42461
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-08-02 07:16 修改: 2024-08-16 16:51
|
| elliptic |
CVE-2024-48948 |
低危 |
6.4.0 |
6.6.0 |
elliptic: ECDSA signature verification error may reject legitimate transactions
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-48948
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-10-15 14:15 修改: 2024-12-20 13:15
|
| elliptic |
CVE-2024-48949 |
低危 |
6.4.0 |
6.5.6 |
elliptic: Missing Validation in Elliptic's EDDSA Signature Verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-48949
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2024-10-10 01:15 修改: 2024-12-27 16:15
|
| braces |
GHSA-g95f-p29q-9xw4 |
低危 |
1.8.5 |
2.3.1 |
Regular Expression Denial of Service in braces
漏洞详情: https://github.com/advisories/GHSA-g95f-p29q-9xw4
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| braces |
GHSA-g95f-p29q-9xw4 |
低危 |
1.8.5 |
2.3.1 |
Regular Expression Denial of Service in braces
漏洞详情: https://github.com/advisories/GHSA-g95f-p29q-9xw4
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| braces |
CVE-2018-1109 |
低危 |
1.8.5 |
2.3.1 |
nodejs-braces: Regular Expression Denial of Service (ReDoS) in lib/parsers.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1109
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-03-30 02:15 修改: 2023-11-07 02:55
|
| deep-extend |
NSWG-ECO-408 |
低危 |
0.4.2 |
>=0.5.1 |
deep-extend prototype pollution
漏洞详情: https://hackerone.com/reports/311333
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| braces |
CVE-2018-1109 |
低危 |
1.8.5 |
2.3.1 |
nodejs-braces: Regular Expression Denial of Service (ReDoS) in lib/parsers.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1109
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2021-03-30 02:15 修改: 2023-11-07 02:55
|
| hoek |
CVE-2018-3728 |
低危 |
2.16.3 |
>=5.0.3 >=4.2.1 |
hoek: Prototype pollution in utilities function
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-3728
镜像层: sha256:53793b8614349c5896164a8f9a89bcca53636da8002bf8ac93ba3e447d2e9527
发布日期: 2018-03-30 19:29 修改: 2019-10-09 23:40
|