| body-parser |
CVE-2024-45590 |
高危 |
1.20.1 |
1.20.3 |
body-parser: Denial of Service Vulnerability in body-parser
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45590
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-09-10 16:15 修改: 2024-09-20 16:26
|
| cross-spawn |
CVE-2024-21538 |
高危 |
7.0.3 |
7.0.5, 6.0.6 |
cross-spawn: regular expression denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538
镜像层: sha256:06de089973a14b96bffbae720bef45eb631240c76da81b80fd0c40508ea95d38
发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15
|
| ip |
CVE-2024-29415 |
高危 |
2.0.0 |
|
node-ip: Incomplete fix for CVE-2023-42282
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
|
| path-to-regexp |
CVE-2024-45296 |
高危 |
0.1.7 |
1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 |
path-to-regexp: Backtracking regular expressions cause ReDoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09
|
| ws |
CVE-2024-37890 |
高危 |
8.11.0 |
5.2.4, 6.2.3, 7.5.10, 8.17.1 |
nodejs-ws: denial of service when handling a request with many HTTP headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
|
| axios |
CVE-2023-45857 |
中危 |
0.27.2 |
1.6.0, 0.28.0 |
axios: exposure of confidential data stored in cookies
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45857
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2023-11-08 21:15 修改: 2024-06-21 19:15
|
| jose |
CVE-2024-28176 |
中危 |
4.15.4 |
4.15.5, 2.0.7 |
jose: resource exhaustion
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28176
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-03-09 01:15 修改: 2024-03-30 04:15
|
| express |
CVE-2024-29041 |
中危 |
4.18.2 |
4.19.2, 5.0.0-beta.3 |
express: cause malformed URLs to be evaluated
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29041
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-03-25 21:15 修改: 2024-03-26 12:55
|
| tar |
CVE-2024-28863 |
中危 |
6.1.15 |
6.2.1 |
node-tar: denial of service while parsing a tar file due to lack of folders depth validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
|
| follow-redirects |
CVE-2024-28849 |
中危 |
1.15.5 |
1.15.6 |
follow-redirects: Possible credential leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28849
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-03-14 17:15 修改: 2024-03-23 03:15
|
| cookie |
CVE-2024-47764 |
低危 |
0.5.0 |
0.7.0 |
cookie: cookie accepts cookie name, path, and domain with out of bounds characters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
|
| ip |
CVE-2023-42282 |
低危 |
2.0.0 |
2.0.1, 1.1.9 |
nodejs-ip: arbitrary code execution via the isPublic() function
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14
|
| cookie |
CVE-2024-47764 |
低危 |
0.4.1 |
0.7.0 |
cookie: cookie accepts cookie name, path, and domain with out of bounds characters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
|
| cookie |
CVE-2024-47764 |
低危 |
0.4.2 |
0.7.0 |
cookie: cookie accepts cookie name, path, and domain with out of bounds characters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
|
| send |
CVE-2024-43799 |
低危 |
0.18.0 |
0.19.0 |
send: Code Execution Vulnerability in Send Library
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43799
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:57
|
| serve-static |
CVE-2024-43800 |
低危 |
1.15.0 |
1.16.0, 2.1.0 |
serve-static: Improper Sanitization in serve-static
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43800
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-09-10 15:15 修改: 2024-09-20 17:36
|
| express |
CVE-2024-43796 |
低危 |
4.18.2 |
4.20.0, 5.0.0 |
express: Improper Input Handling in Express Redirects
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43796
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:07
|
| cookie |
CVE-2024-47764 |
低危 |
0.4.2 |
0.7.0 |
cookie: cookie accepts cookie name, path, and domain with out of bounds characters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764
镜像层: sha256:8bf4e04291a9b39a4cb1679bdd6fc883bd49e60333ff8ef9cc58f15d988c4e50
发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
|