docker.io/zerob13/mock-openai-api:1.0.4 linux/amd64

docker.io/zerob13/mock-openai-api:1.0.4 - Trivy安全扫描结果扫描时间: 2026-05-18 10:27

全部漏洞信息

低危漏洞:9

中危漏洞:39

高危漏洞:38

严重漏洞:4

系统OS: alpine 3.22.0 扫描引擎: Trivy 扫描时间: 2026-05-18 10:27

docker.io/zerob13/mock-openai-api:1.0.4 (alpine 3.22.0) (alpine)

低危漏洞:5

中危漏洞:34

高危漏洞:15

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libcrypto3	CVE-2025-15467	严重	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-07 18:12
libcrypto3	CVE-2026-31789	严重	3.5.0-r0	3.5.6-r0	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2025-15467	严重	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-07 18:12
libssl3	CVE-2026-31789	严重	3.5.0-r0	3.5.6-r0	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3	CVE-2026-28387	高危	3.5.0-r0	3.5.6-r0	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3	CVE-2026-28388	高危	3.5.0-r0	3.5.6-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3	CVE-2026-28389	高危	3.5.0-r0	3.5.6-r0	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3	CVE-2026-28390	高危	3.5.0-r0	3.5.6-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3	CVE-2025-69419	高危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3	CVE-2025-69421	高危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2025-69419	高危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2025-69421	高危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-28387	高危	3.5.0-r0	3.5.6-r0	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-28388	高危	3.5.0-r0	3.5.6-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-28389	高危	3.5.0-r0	3.5.6-r0	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-28390	高危	3.5.0-r0	3.5.6-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
musl	CVE-2026-40200	高危	1.2.5-r10	1.2.5-r12	musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-10 17:17 修改: 2026-04-27 19:18
musl-utils	CVE-2026-40200	高危	1.2.5-r10	1.2.5-r12	musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-10 17:17 修改: 2026-04-27 19:18
zlib	CVE-2026-22184	高危	1.3.1-r2	1.3.2-r0	zlib: zlib: Arbitrary code execution via buffer overflow in untgz utility 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22184 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-07 21:16 修改: 2026-03-18 16:26
libcrypto3	CVE-2025-9231	中危	3.5.0-r0	3.5.4-r0	openssl: Timing side-channel in SM2 algorithm on 64 bit ARM 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9231 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-09-30 14:15 修改: 2026-05-12 13:17
libcrypto3	CVE-2026-22795	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3	CVE-2026-22796	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3	CVE-2026-2673	中危	3.5.0-r0	3.5.6-r0	openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-03-13 19:54 修改: 2026-05-12 13:17
libcrypto3	CVE-2026-31790	中危	3.5.0-r0	3.5.6-r0	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
busybox	CVE-2024-58251	中危	1.37.0-r18	1.37.0-r20	In netstat in BusyBox through 1.37.0, local users can launch of networ ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-04-23 18:16 修改: 2026-04-15 00:35
busybox-binsh	CVE-2024-58251	中危	1.37.0-r18	1.37.0-r20	In netstat in BusyBox through 1.37.0, local users can launch of networ ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-04-23 18:16 修改: 2026-04-15 00:35
libcrypto3	CVE-2025-11187	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11187 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-03-20 14:16
libcrypto3	CVE-2025-15468	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:38
libcrypto3	CVE-2025-15469	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
libcrypto3	CVE-2025-4575	中危	3.5.0-r0	3.5.1-r0	Issue summary: Use of -addreject option with the openssl x509 applicat ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4575 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-05-22 14:16 修改: 2025-10-23 14:51
libcrypto3	CVE-2025-66199	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
libcrypto3	CVE-2025-68160	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2025-11187	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11187 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-03-20 14:16
libssl3	CVE-2025-15468	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:38
libssl3	CVE-2025-15469	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
libssl3	CVE-2025-4575	中危	3.5.0-r0	3.5.1-r0	Issue summary: Use of -addreject option with the openssl x509 applicat ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4575 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-05-22 14:16 修改: 2025-10-23 14:51
libssl3	CVE-2025-66199	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
libssl3	CVE-2025-68160	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2025-69418	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2025-69420	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2025-9230	中危	3.5.0-r0	3.5.4-r0	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-09-30 14:15 修改: 2026-05-12 13:17
libssl3	CVE-2025-9231	中危	3.5.0-r0	3.5.4-r0	openssl: Timing side-channel in SM2 algorithm on 64 bit ARM 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9231 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-09-30 14:15 修改: 2026-05-12 13:17
libssl3	CVE-2026-22795	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-22796	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-2673	中危	3.5.0-r0	3.5.6-r0	openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-03-13 19:54 修改: 2026-05-12 13:17
libssl3	CVE-2026-31790	中危	3.5.0-r0	3.5.6-r0	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3	CVE-2025-69418	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
musl	CVE-2026-6042	中危	1.2.5-r10	1.2.5-r11	musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-10 09:16 修改: 2026-04-24 18:01
libcrypto3	CVE-2025-69420	中危	3.5.0-r0	3.5.5-r0	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
musl-utils	CVE-2026-6042	中危	1.2.5-r10	1.2.5-r11	musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-04-10 09:16 修改: 2026-04-24 18:01
ssl_client	CVE-2024-58251	中危	1.37.0-r18	1.37.0-r20	In netstat in BusyBox through 1.37.0, local users can launch of networ ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-04-23 18:16 修改: 2026-04-15 00:35
libcrypto3	CVE-2025-9230	中危	3.5.0-r0	3.5.4-r0	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-09-30 14:15 修改: 2026-05-12 13:17
zlib	CVE-2026-27171	中危	1.3.1-r2	1.3.2-r0	zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2026-02-18 04:16 修改: 2026-03-25 21:27
libssl3	CVE-2025-9232	低危	3.5.0-r0	3.5.4-r0	openssl: Out-of-bounds read in HTTP client no_proxy handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-09-30 14:15 修改: 2026-05-12 13:17
busybox-binsh	CVE-2025-46394	低危	1.37.0-r18	1.37.0-r20	In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-04-23 16:15 修改: 2025-09-24 14:38
ssl_client	CVE-2025-46394	低危	1.37.0-r18	1.37.0-r20	In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-04-23 16:15 修改: 2025-09-24 14:38
libcrypto3	CVE-2025-9232	低危	3.5.0-r0	3.5.4-r0	openssl: Out-of-bounds read in HTTP client no_proxy handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-09-30 14:15 修改: 2026-05-12 13:17
busybox	CVE-2025-46394	低危	1.37.0-r18	1.37.0-r20	In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394 镜像层: sha256:fd2758d7a50e2b78d275ee7d1c218489f2439084449d895fa17eede6c61ab2c4 发布日期: 2025-04-23 16:15 修改: 2025-09-24 14:38

Node.js (node-pkg)

低危漏洞:4

中危漏洞:5

高危漏洞:23

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
glob	CVE-2025-64756	高危	10.4.5	11.1.0, 10.5.0	glob: glob: Command Injection Vulnerability via Malicious Filenames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64756 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2025-11-17 18:15 修改: 2025-12-02 19:34
minimatch	CVE-2026-26996	高危	9.0.5	10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3	minimatch: minimatch: Denial of Service via specially crafted glob patterns 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
minimatch	CVE-2026-27903	高危	9.0.5	10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3	minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
minimatch	CVE-2026-27904	高危	9.0.5	10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4	minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
path-to-regexp	CVE-2026-4926	高危	8.2.0	8.4.0	path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4926 镜像层: sha256:eff2d517db8560c0e66e56a6dfe2159df057a8624ba72185ebfe77f7a7a977e2 发布日期: 2026-03-26 19:17 修改: 2026-04-16 18:04
tar	CVE-2026-23745	高危	6.2.1	7.5.3	node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-01-16 22:16 修改: 2026-02-18 16:20
tar	CVE-2026-23950	高危	6.2.1	7.5.4	node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-01-20 01:15 修改: 2026-02-18 15:50
tar	CVE-2026-24842	高危	6.2.1	7.5.7	node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-01-28 01:16 修改: 2026-02-02 14:30
tar	CVE-2026-26960	高危	6.2.1	7.5.8	node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-02-20 02:16 修改: 2026-02-20 19:24
tar	CVE-2026-29786	高危	6.2.1	7.5.10	node-tar: hardlink path traversal via drive-relative linkpath 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-03-07 16:15 修改: 2026-03-11 21:50
tar	CVE-2026-31802	高危	6.2.1	7.5.11	tar: tar: File overwrite via drive-relative symlink traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-03-10 07:44 修改: 2026-03-18 18:13
tar	CVE-2026-23745	高危	7.4.3	7.5.3	node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-01-16 22:16 修改: 2026-02-18 16:20
tar	CVE-2026-23745	高危	7.4.3	7.5.3	node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-01-16 22:16 修改: 2026-02-18 16:20
tar	CVE-2026-23950	高危	7.4.3	7.5.4	node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-01-20 01:15 修改: 2026-02-18 15:50
tar	CVE-2026-23950	高危	7.4.3	7.5.4	node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-01-20 01:15 修改: 2026-02-18 15:50
tar	CVE-2026-24842	高危	7.4.3	7.5.7	node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-01-28 01:16 修改: 2026-02-02 14:30
tar	CVE-2026-24842	高危	7.4.3	7.5.7	node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-01-28 01:16 修改: 2026-02-02 14:30
tar	CVE-2026-26960	高危	7.4.3	7.5.8	node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-02-20 02:16 修改: 2026-02-20 19:24
tar	CVE-2026-26960	高危	7.4.3	7.5.8	node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-02-20 02:16 修改: 2026-02-20 19:24
tar	CVE-2026-29786	高危	7.4.3	7.5.10	node-tar: hardlink path traversal via drive-relative linkpath 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-03-07 16:15 修改: 2026-03-11 21:50
tar	CVE-2026-29786	高危	7.4.3	7.5.10	node-tar: hardlink path traversal via drive-relative linkpath 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-03-07 16:15 修改: 2026-03-11 21:50
tar	CVE-2026-31802	高危	7.4.3	7.5.11	tar: tar: File overwrite via drive-relative symlink traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-03-10 07:44 修改: 2026-03-18 18:13
tar	CVE-2026-31802	高危	7.4.3	7.5.11	tar: tar: File overwrite via drive-relative symlink traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-03-10 07:44 修改: 2026-03-18 18:13
path-to-regexp	CVE-2026-4923	中危	8.2.0	8.4.0	path-to-regexp: path-to-regexp: Denial of Service via specially crafted paths with multiple wildcards 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4923 镜像层: sha256:eff2d517db8560c0e66e56a6dfe2159df057a8624ba72185ebfe77f7a7a977e2 发布日期: 2026-03-26 19:17 修改: 2026-04-16 18:03
qs	CVE-2025-15284	中危	6.14.0	6.14.1	qs: qs: Denial of Service via improper input validation in array parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15284 镜像层: sha256:eff2d517db8560c0e66e56a6dfe2159df057a8624ba72185ebfe77f7a7a977e2 发布日期: 2025-12-29 23:15 修改: 2026-02-26 19:57
body-parser	CVE-2025-13466	中危	2.2.0	2.2.1	body-parser: body-parser denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13466 镜像层: sha256:eff2d517db8560c0e66e56a6dfe2159df057a8624ba72185ebfe77f7a7a977e2 发布日期: 2025-11-24 19:15 修改: 2026-04-15 00:35
ip-address	CVE-2026-42338	中危	9.0.5	10.1.1	ip-address has XSS in Address6 HTML-emitting methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-05-12 20:16 修改: 2026-05-12 20:16
brace-expansion	CVE-2026-33750	中危	2.0.1	5.0.5, 3.0.2, 2.0.3, 1.1.13	brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
diff	CVE-2026-24001	低危	4.0.2	8.0.3, 5.2.2, 4.0.4, 3.5.1	jsdiff: denial of service vulnerability in parsePatch and applyPatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24001 镜像层: sha256:eff2d517db8560c0e66e56a6dfe2159df057a8624ba72185ebfe77f7a7a977e2 发布日期: 2026-01-22 03:15 修改: 2026-03-04 15:23
qs	CVE-2026-2391	低危	6.14.0	6.14.2	qs: qs's arrayLimit bypass in comma parsing allows denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2391 镜像层: sha256:eff2d517db8560c0e66e56a6dfe2159df057a8624ba72185ebfe77f7a7a977e2 发布日期: 2026-02-12 05:17 修改: 2026-02-24 20:13
diff	CVE-2026-24001	低危	5.2.0	8.0.3, 5.2.2, 4.0.4, 3.5.1	jsdiff: denial of service vulnerability in parsePatch and applyPatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24001 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2026-01-22 03:15 修改: 2026-03-04 15:23
brace-expansion	CVE-2025-5889	低危	2.0.1	2.0.2, 1.1.12, 3.0.1, 4.0.1	brace-expansion: juliangruber brace-expansion index.js expand redos 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5889 镜像层: sha256:4f22010a2c2adbe6a14a13f3db6399b8b0a5b3ddf66dc263ab7f8c0b5b7f6949 发布日期: 2025-06-09 19:15 修改: 2026-04-29 01:00