| crypto-js |
CVE-2023-46233 |
严重 |
3.3.0 |
4.2.0 |
crypto-js: PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46233
镜像层: sha256:a77f5ce79d8622f24a33458dee60d9effde5e3f40f0a50f67a88367cf11414f4
发布日期: 2023-10-25 21:15 修改: 2023-11-27 20:15
|
| json-schema |
CVE-2021-3918 |
严重 |
0.2.3 |
0.4.0 |
nodejs-json-schema: Prototype pollution vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3918
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2021-11-13 09:15 修改: 2023-02-03 19:15
|
| underscore |
CVE-2021-23358 |
严重 |
1.7.0 |
1.12.1 |
nodejs-underscore: Arbitrary code execution via the template function
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23358
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2021-03-29 14:15 修改: 2023-11-07 03:30
|
| underscore |
CVE-2021-23358 |
严重 |
1.9.2 |
1.12.1 |
nodejs-underscore: Arbitrary code execution via the template function
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23358
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2021-03-29 14:15 修改: 2023-11-07 03:30
|
| ansi-regex |
CVE-2021-3807 |
高危 |
5.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| ansi-regex |
CVE-2021-3807 |
高危 |
5.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| ansi-regex |
CVE-2021-3807 |
高危 |
5.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| ansi-regex |
CVE-2021-3807 |
高危 |
5.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| ansi-regex |
CVE-2021-3807 |
高危 |
5.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| ansi-regex |
CVE-2021-3807 |
高危 |
5.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| ansi-regex |
CVE-2021-3807 |
高危 |
5.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| async |
CVE-2021-43138 |
高危 |
2.6.3 |
3.2.2, 2.6.4 |
async: Prototype Pollution in async
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43138
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2022-04-06 17:15 修改: 2024-06-21 19:15
|
| async |
CVE-2021-43138 |
高危 |
3.2.0 |
3.2.2, 2.6.4 |
async: Prototype Pollution in async
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43138
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2022-04-06 17:15 修改: 2024-06-21 19:15
|
| axios |
CVE-2024-39338 |
高危 |
1.6.0 |
1.7.4 |
axios: axios: Server-Side Request Forgery
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39338
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-08-12 13:38 修改: 2024-08-23 18:35
|
| body-parser |
CVE-2024-45590 |
高危 |
1.19.2 |
1.20.3 |
body-parser: Denial of Service Vulnerability in body-parser
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45590
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-09-10 16:15 修改: 2024-09-20 16:26
|
| braces |
CVE-2024-4068 |
高危 |
2.3.2 |
3.0.3 |
braces: fails to limit the number of characters it can handle
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
|
| braces |
CVE-2024-4068 |
高危 |
3.0.2 |
3.0.3 |
braces: fails to limit the number of characters it can handle
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
|
| braces |
CVE-2024-4068 |
高危 |
3.0.2 |
3.0.3 |
braces: fails to limit the number of characters it can handle
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
|
| braces |
CVE-2024-4068 |
高危 |
3.0.2 |
3.0.3 |
braces: fails to limit the number of characters it can handle
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
|
| braces |
CVE-2024-4068 |
高危 |
3.0.2 |
3.0.3 |
braces: fails to limit the number of characters it can handle
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
|
| braces |
CVE-2024-4068 |
高危 |
3.0.2 |
3.0.3 |
braces: fails to limit the number of characters it can handle
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
|
| ansi-regex |
CVE-2021-3807 |
高危 |
3.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:e67e8085abaec1979f9493d537ebb0545d6f7b7410f90050c0bf8cde09b9c0b4
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| date-and-time |
CVE-2020-26289 |
高危 |
0.6.3 |
0.14.2 |
nodejs-date-and-time: ReDoS in parsing via date.compile
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26289
镜像层: sha256:a77f5ce79d8622f24a33458dee60d9effde5e3f40f0a50f67a88367cf11414f4
发布日期: 2020-12-28 19:15 修改: 2020-12-30 15:51
|
| http-cache-semantics |
CVE-2022-25881 |
高危 |
3.8.1 |
4.1.1 |
http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25881
镜像层: sha256:e67e8085abaec1979f9493d537ebb0545d6f7b7410f90050c0bf8cde09b9c0b4
发布日期: 2023-01-31 05:15 修改: 2023-11-07 03:44
|
| http-proxy-middleware |
CVE-2024-21536 |
高危 |
0.18.0 |
2.0.7, 3.0.3 |
http-proxy-middleware: Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21536
镜像层: sha256:a77f5ce79d8622f24a33458dee60d9effde5e3f40f0a50f67a88367cf11414f4
发布日期: 2024-10-19 05:15 修改: 2024-10-21 17:10
|
| ip |
CVE-2024-29415 |
高危 |
1.1.5 |
|
node-ip: Incomplete fix for CVE-2023-42282
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415
镜像层: sha256:e67e8085abaec1979f9493d537ebb0545d6f7b7410f90050c0bf8cde09b9c0b4
发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
|
| json-bigint |
CVE-2020-8237 |
高危 |
0.3.0 |
1.0.0 |
nodejs-json-bigint: Prototype pollution via `__proto__` assignment could result in DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8237
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2020-09-18 21:15 修改: 2020-09-30 17:46
|
| ansi-regex |
CVE-2021-3807 |
高危 |
4.1.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| node-fetch |
CVE-2022-0235 |
高危 |
1.7.3 |
3.1.1, 2.6.7 |
node-fetch: exposure of sensitive information to an unauthorized actor
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0235
镜像层: sha256:a77f5ce79d8622f24a33458dee60d9effde5e3f40f0a50f67a88367cf11414f4
发布日期: 2022-01-16 17:15 修改: 2023-02-03 19:16
|
| node-forge |
CVE-2020-7720 |
高危 |
0.8.5 |
0.10.0 |
nodejs-node-forge: prototype pollution via the util.setPath function
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7720
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2020-09-01 10:15 修改: 2022-12-02 19:53
|
| node-forge |
CVE-2022-24771 |
高危 |
0.8.5 |
1.3.0 |
node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24771
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2022-03-18 14:15 修改: 2022-03-28 13:53
|
| node-forge |
CVE-2022-24772 |
高危 |
0.8.5 |
1.3.0 |
node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24772
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2022-03-18 14:15 修改: 2022-03-28 14:10
|
| path-to-regexp |
CVE-2024-45296 |
高危 |
0.1.7 |
1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 |
path-to-regexp: Backtracking regular expressions cause ReDoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296
镜像层: sha256:a77f5ce79d8622f24a33458dee60d9effde5e3f40f0a50f67a88367cf11414f4
发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09
|
| semver |
CVE-2022-25883 |
高危 |
5.7.1 |
7.5.2, 6.3.1, 5.7.2 |
nodejs-semver: Regular expression denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883
镜像层: sha256:e67e8085abaec1979f9493d537ebb0545d6f7b7410f90050c0bf8cde09b9c0b4
发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
|
| shelljs |
CVE-2022-0144 |
高危 |
0.8.3 |
0.8.5 |
nodejs-shelljs: improper privilege management
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0144
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2022-01-11 07:15 修改: 2022-02-09 14:17
|
| ansi-regex |
CVE-2021-3807 |
高危 |
4.1.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:e67e8085abaec1979f9493d537ebb0545d6f7b7410f90050c0bf8cde09b9c0b4
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| ansi-regex |
CVE-2021-3807 |
高危 |
5.0.0 |
6.0.1, 5.0.1, 4.1.1, 3.0.1 |
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
|
| ws |
CVE-2024-37890 |
高危 |
6.2.2 |
5.2.4, 6.2.3, 7.5.10, 8.17.1 |
nodejs-ws: denial of service when handling a request with many HTTP headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890
镜像层: sha256:a77f5ce79d8622f24a33458dee60d9effde5e3f40f0a50f67a88367cf11414f4
发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
|
| ws |
CVE-2024-37890 |
高危 |
7.4.6 |
5.2.4, 6.2.3, 7.5.10, 8.17.1 |
nodejs-ws: denial of service when handling a request with many HTTP headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
|
| express |
CVE-2024-43796 |
中危 |
4.17.3 |
4.20.0, 5.0.0 |
express: Improper Input Handling in Express Redirects
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43796
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:07
|
| got |
CVE-2022-33987 |
中危 |
6.7.1 |
12.1.0, 11.8.5 |
nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-33987
镜像层: sha256:e67e8085abaec1979f9493d537ebb0545d6f7b7410f90050c0bf8cde09b9c0b4
发布日期: 2022-06-18 21:15 修改: 2022-06-28 16:15
|
| ajv |
CVE-2020-15366 |
中危 |
6.12.0 |
6.12.3 |
nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15366
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2020-07-15 20:15 修改: 2024-06-21 19:15
|
| node-forge |
CVE-2022-0122 |
中危 |
0.8.5 |
1.0.0 |
Open Redirect in node-forge
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0122
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2022-01-06 05:15 修改: 2022-01-12 20:14
|
| node-forge |
CVE-2022-24773 |
中危 |
0.8.5 |
1.3.0 |
node-forge: Signature verification leniency in checking `DigestInfo` structure
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24773
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2022-03-18 14:15 修改: 2022-03-28 14:20
|
| node-notifier |
CVE-2020-7789 |
中危 |
6.0.0 |
8.0.1 |
nodejs-node-notifier: command injection due to the options params not being sanitised when being passed an array
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7789
镜像层: sha256:a77f5ce79d8622f24a33458dee60d9effde5e3f40f0a50f67a88367cf11414f4
发布日期: 2020-12-11 10:15 修改: 2020-12-17 15:52
|
| micromatch |
CVE-2024-4067 |
中危 |
3.1.10 |
4.0.8 |
micromatch: vulnerable to Regular Expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15
|
| request |
CVE-2023-28155 |
中危 |
2.88.2 |
|
The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155
镜像层: sha256:a77f5ce79d8622f24a33458dee60d9effde5e3f40f0a50f67a88367cf11414f4
发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15
|
| request |
CVE-2023-28155 |
中危 |
2.88.2 |
|
The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155
镜像层: sha256:e67e8085abaec1979f9493d537ebb0545d6f7b7410f90050c0bf8cde09b9c0b4
发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15
|
| micromatch |
CVE-2024-4067 |
中危 |
4.0.2 |
4.0.8 |
micromatch: vulnerable to Regular Expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15
|
| send |
CVE-2024-43799 |
中危 |
0.17.2 |
0.19.0 |
send: Code Execution Vulnerability in Send Library
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43799
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:57
|
| serve-static |
CVE-2024-43800 |
中危 |
1.14.2 |
1.16.0, 2.1.0 |
serve-static: Improper Sanitization in serve-static
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43800
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-09-10 15:15 修改: 2024-09-20 17:36
|
| micromatch |
CVE-2024-4067 |
中危 |
4.0.2 |
4.0.8 |
micromatch: vulnerable to Regular Expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15
|
| shelljs |
GHSA-64g7-mvw6-v9qj |
中危 |
0.8.3 |
0.8.5 |
Improper Privilege Management in shelljs
漏洞详情: https://github.com/advisories/GHSA-64g7-mvw6-v9qj
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| tar |
CVE-2024-28863 |
中危 |
4.4.19 |
6.2.1 |
node-tar: denial of service while parsing a tar file due to lack of folders depth validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863
镜像层: sha256:e67e8085abaec1979f9493d537ebb0545d6f7b7410f90050c0bf8cde09b9c0b4
发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
|
| tough-cookie |
CVE-2023-26136 |
中危 |
2.5.0 |
4.1.3 |
tough-cookie: prototype pollution in cookie memstore
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136
镜像层: sha256:a77f5ce79d8622f24a33458dee60d9effde5e3f40f0a50f67a88367cf11414f4
发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
|
| tough-cookie |
CVE-2023-26136 |
中危 |
2.5.0 |
4.1.3 |
tough-cookie: prototype pollution in cookie memstore
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136
镜像层: sha256:e67e8085abaec1979f9493d537ebb0545d6f7b7410f90050c0bf8cde09b9c0b4
发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
|
| tough-cookie |
CVE-2023-26136 |
中危 |
3.0.1 |
4.1.3 |
tough-cookie: prototype pollution in cookie memstore
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136
镜像层: sha256:a77f5ce79d8622f24a33458dee60d9effde5e3f40f0a50f67a88367cf11414f4
发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
|
| micromatch |
CVE-2024-4067 |
中危 |
4.0.2 |
4.0.8 |
micromatch: vulnerable to Regular Expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15
|
| micromatch |
CVE-2024-4067 |
中危 |
4.0.2 |
4.0.8 |
micromatch: vulnerable to Regular Expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15
|
| micromatch |
CVE-2024-4067 |
中危 |
4.0.2 |
4.0.8 |
micromatch: vulnerable to Regular Expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15
|
| express |
CVE-2024-29041 |
中危 |
4.17.3 |
4.19.2, 5.0.0-beta.3 |
express: cause malformed URLs to be evaluated
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29041
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-03-25 21:15 修改: 2024-03-26 12:55
|
| xml2js |
CVE-2023-0842 |
中危 |
0.4.23 |
0.5.0 |
node-xml2js: xml2js is vulnerable to prototype pollution
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0842
镜像层: sha256:a77f5ce79d8622f24a33458dee60d9effde5e3f40f0a50f67a88367cf11414f4
发布日期: 2023-04-05 20:15 修改: 2024-03-14 21:15
|
| yargs-parser |
CVE-2020-7608 |
中危 |
16.1.0 |
13.1.2, 15.0.1, 18.1.1, 5.0.1 |
nodejs-yargs-parser: prototype pollution vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7608
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2020-03-16 20:15 修改: 2022-11-15 16:40
|
| debug |
CVE-2017-16137 |
低危 |
4.1.1 |
2.6.9, 3.1.0, 3.2.7, 4.3.1 |
nodejs-debug: Regular expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16137
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2018-06-07 02:29 修改: 2023-11-07 02:40
|
| cookie |
CVE-2024-47764 |
低危 |
0.4.2 |
0.7.0 |
cookie: cookie accepts cookie name, path, and domain with out of bounds characters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
|
| ip |
CVE-2023-42282 |
低危 |
1.1.5 |
2.0.1, 1.1.9 |
nodejs-ip: arbitrary code execution via the isPublic() function
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282
镜像层: sha256:e67e8085abaec1979f9493d537ebb0545d6f7b7410f90050c0bf8cde09b9c0b4
发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14
|
| debug |
CVE-2017-16137 |
低危 |
3.2.6 |
2.6.9, 3.1.0, 3.2.7, 4.3.1 |
nodejs-debug: Regular expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16137
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2018-06-07 02:29 修改: 2023-11-07 02:40
|
| debug |
CVE-2017-16137 |
低危 |
4.1.1 |
2.6.9, 3.1.0, 3.2.7, 4.3.1 |
nodejs-debug: Regular expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16137
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2018-06-07 02:29 修改: 2023-11-07 02:40
|
| node-forge |
GHSA-5rrq-pxf6-6jx5 |
低危 |
0.8.5 |
1.0.0 |
Prototype Pollution in node-forge debug API.
漏洞详情: https://github.com/advisories/GHSA-5rrq-pxf6-6jx5
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| node-forge |
GHSA-gf8q-jrpm-jvxq |
低危 |
0.8.5 |
1.0.0 |
URL parsing in node-forge could lead to undesired behavior.
漏洞详情: https://github.com/advisories/GHSA-gf8q-jrpm-jvxq
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| node-forge |
GHSA-wxgw-qj99-44c2 |
低危 |
0.8.5 |
0.10.0 |
Prototype Pollution in node-forge util.setPath API
漏洞详情: https://github.com/advisories/GHSA-wxgw-qj99-44c2
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| debug |
CVE-2017-16137 |
低危 |
4.1.1 |
2.6.9, 3.1.0, 3.2.7, 4.3.1 |
nodejs-debug: Regular expression Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16137
镜像层: sha256:eab06d66ac3105f33abc3a1916306f0d1671c8ed6a9db64b9175213803e94039
发布日期: 2018-06-07 02:29 修改: 2023-11-07 02:40
|