ghcr.io/requarks/wiki:2.5 linux/amd64

ghcr.io/requarks/wiki:2.5 - Trivy安全扫描结果 扫描时间: 2024-11-20 10:08
全部漏洞信息
低危漏洞:9 中危漏洞:37 高危漏洞:25 严重漏洞:5

系统OS: alpine 3.20.3 扫描引擎: Trivy 扫描时间: 2024-11-20 10:08

ghcr.io/requarks/wiki:2.5 (alpine 3.20.3) (alpine)
低危漏洞:4 中危漏洞:1 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libexpat CVE-2024-50602 中危 2.6.3-r0 2.6.4-r0 libexpat: expat: DoS via XML_ResumeParser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602

镜像层: sha256:f2fa8a01bdfdbab3dffaaf4b286ef25b4a192fd67ec1eb1b37b5d0ed0a8040bf

发布日期: 2024-10-27 05:15 修改: 2024-10-30 18:35
libcrypto3 CVE-2024-9143 低危 3.3.2-r0 3.3.2-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:63ca1fbb43ae5034640e5e6cb3e083e05c290072c5366fcaa9d62435a4cced85

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libcurl CVE-2024-9681 低危 8.10.1-r0 8.11.0-r0 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:f2fa8a01bdfdbab3dffaaf4b286ef25b4a192fd67ec1eb1b37b5d0ed0a8040bf

发布日期: 2024-11-06 08:15 修改: 2024-11-06 18:17
curl CVE-2024-9681 低危 8.10.1-r0 8.11.0-r0 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:f2fa8a01bdfdbab3dffaaf4b286ef25b4a192fd67ec1eb1b37b5d0ed0a8040bf

发布日期: 2024-11-06 08:15 修改: 2024-11-06 18:17
libssl3 CVE-2024-9143 低危 3.3.2-r0 3.3.2-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:63ca1fbb43ae5034640e5e6cb3e083e05c290072c5366fcaa9d62435a4cced85

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
Node.js (node-pkg)
低危漏洞:5 中危漏洞:36 高危漏洞:25 严重漏洞:5
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
@babel/traverse CVE-2023-45133 严重 7.12.13 7.23.2, 8.0.0-alpha.4 babel: arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45133

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-10-12 17:15 修改: 2023-10-24 16:52
mysql2 CVE-2024-21508 严重 3.1.0 3.9.4 mysql2: Remote Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21508

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-04-11 05:15 修改: 2024-04-11 12:47
mysql2 CVE-2024-21511 严重 3.1.0 3.9.7 mysql2: Arbitrary Code Injection due to improper sanitization of the timezone parameter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21511

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-04-23 05:15 修改: 2024-04-23 12:52
underscore CVE-2021-23358 严重 1.6.0 1.12.1 nodejs-underscore: Arbitrary code execution via the template function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23358

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2021-03-29 14:15 修改: 2023-11-07 03:30
underscore CVE-2021-23358 严重 1.8.3 1.12.1 nodejs-underscore: Arbitrary code execution via the template function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23358

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2021-03-29 14:15 修改: 2023-11-07 03:30
cross-spawn CVE-2024-21538 高危 7.0.3 7.0.5, 6.0.6 Regular Expression Denial of Service (ReDoS) in cross-spawn

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-11-08 05:15 修改: 2024-11-08 19:01
css-what CVE-2021-33587 高危 4.0.0 5.0.1 nodejs-css-what: does not ensure that attribute parsing has linear time complexity relative to the size of the input

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33587

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2021-05-28 20:15 修改: 2023-03-03 13:15
dicer CVE-2022-24434 高危 0.2.5 dicer: nodejs service crash by sending a crafted payload

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24434

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-05-20 20:15 修改: 2022-06-07 02:04
dicer CVE-2022-24434 高危 0.3.0 dicer: nodejs service crash by sending a crafted payload

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24434

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-05-20 20:15 修改: 2022-06-07 02:04
dompurify CVE-2024-45801 高危 2.4.3 2.5.4, 3.1.3 dompurify: XSS vulnerability via prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45801

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-09-16 19:16 修改: 2024-09-20 12:31
dompurify CVE-2024-47875 高危 2.4.3 2.5.0, 3.1.3 dompurify: nesting-based mutation XSS vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47875

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-10-11 15:15 修改: 2024-10-15 12:58
file-type CVE-2022-36313 高危 15.0.1 16.5.4, 17.1.3 file-type: a malformed MKV file could cause the file type detector to get caught in an infinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36313

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-07-21 16:15 修改: 2022-10-27 13:25
json5 CVE-2022-46175 高危 2.0.0 2.2.2, 1.0.2 json5: Prototype Pollution in JSON5 via Parse Method

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46175

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-12-24 04:15 修改: 2023-11-26 01:15
knex CVE-2016-20018 高危 0.21.21 2.4.0 Knex.js has a limited SQL injection vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20018

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-12-19 09:15 修改: 2023-11-23 00:15
knex CVE-2016-20018 高危 0.21.7 2.4.0 Knex.js has a limited SQL injection vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20018

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-12-19 09:15 修改: 2023-11-23 00:15
luxon CVE-2023-22467 高危 1.25.0 1.28.1, 2.5.2, 3.2.1 luxon: Inefficient regular expression complexity in luxon.js

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22467

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-01-04 22:15 修改: 2024-02-12 04:15
apollo-server GHSA-qm7x-rc44-rrqw 高危 2.25.2 2.25.3, 3.4.1 Cross-site Scripting Vulnerability in GraphQL Playground (distributed by Apollo Server)

漏洞详情: https://github.com/advisories/GHSA-qm7x-rc44-rrqw

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
body-parser CVE-2024-45590 高危 1.20.1 1.20.3 body-parser: Denial of Service Vulnerability in body-parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45590

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-09-10 16:15 修改: 2024-09-20 16:26
mysql2 CVE-2024-21512 高危 3.1.0 3.9.8 mysql2: vulnerable to Prototype Pollution due to improper user input sanitization

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21512

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-05-29 05:16 修改: 2024-06-06 13:15
node-fetch CVE-2022-0235 高危 1.7.3 3.1.1, 2.6.7 node-fetch: exposure of sensitive information to an unauthorized actor

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0235

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-01-16 17:15 修改: 2023-02-03 19:16
node-fetch CVE-2022-0235 高危 2.6.1 3.1.1, 2.6.7 node-fetch: exposure of sensitive information to an unauthorized actor

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0235

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-01-16 17:15 修改: 2023-02-03 19:16
node-fetch CVE-2022-0235 高危 2.6.1 3.1.1, 2.6.7 node-fetch: exposure of sensitive information to an unauthorized actor

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0235

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-01-16 17:15 修改: 2023-02-03 19:16
path-to-regexp CVE-2024-45296 高危 0.1.7 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 path-to-regexp: Backtracking regular expressions cause ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09
semver CVE-2022-25883 高危 4.3.2 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 7.3.8 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
sqlite3 CVE-2022-43441 高危 5.1.4 5.1.5 A code execution vulnerability exists in the Statement Bindings functi ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43441

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-03-16 21:15 修改: 2023-03-22 21:01
braces CVE-2024-4068 高危 2.3.2 3.0.3 braces: fails to limit the number of characters it can handle

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
cross-spawn CVE-2024-21538 高危 7.0.3 7.0.5, 6.0.6 Regular Expression Denial of Service (ReDoS) in cross-spawn

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:9e884bd721881ef518283e1aea76c3575e68be9b4a577f1dd3476d51b8237e66

发布日期: 2024-11-08 05:15 修改: 2024-11-08 19:01
ws CVE-2024-37890 高危 7.4.5 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
ws CVE-2024-37890 高危 7.4.5 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
markdown-it CVE-2022-21670 中危 11.0.1 12.3.2 markdown-it is a Markdown parser. Prior to version 1.3.2, special patt ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21670

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-01-10 21:15 修改: 2023-07-24 13:54
markdown-it-decorate CVE-2020-28459 中危 1.2.2 markdown-it-decorate vulnerable to cross-site scripting (XSS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28459

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-07-25 14:15 修改: 2022-08-01 13:30
micromatch CVE-2024-4067 中危 3.1.10 4.0.8 micromatch: vulnerable to Regular Expression Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15
mongodb CVE-2021-32050 中危 3.6.5 3.6.10, 4.17.0, 5.8.0 Some MongoDB Drivers may erroneously publish events containing authent ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32050

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-08-29 16:15 修改: 2023-10-06 15:15
axios CVE-2023-45857 中危 0.27.2 1.6.0, 0.28.0 axios: exposure of confidential data stored in cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45857

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-11-08 21:15 修改: 2024-06-21 19:15
express CVE-2024-29041 中危 4.18.2 4.19.2, 5.0.0-beta.3 express: cause malformed URLs to be evaluated

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29041

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-03-25 21:15 修改: 2024-03-26 12:55
express CVE-2024-43796 中危 4.18.2 4.20.0, 5.0.0 express: Improper Input Handling in Express Redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43796

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:07
mysql2 CVE-2024-21507 中危 3.1.0 3.9.3 mysql2: Improper Input Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21507

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-04-10 05:15 修改: 2024-08-01 13:46
mysql2 CVE-2024-21509 中危 3.1.0 3.9.4 mysql2: Prototype Poisoning

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21509

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-04-10 05:15 修改: 2024-08-22 13:35
express-brute GHSA-984p-xq9m-4rjw 中危 1.0.1 Rate Limiting Bypass in express-brute

漏洞详情: https://github.com/advisories/GHSA-984p-xq9m-4rjw

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
apollo-server GHSA-2p3c-p3qw-69r4 中危 2.25.2 2.25.4 The graphql-upload library included in Apollo Server 2 is vulnerable to CSRF mutations

漏洞详情: https://github.com/advisories/GHSA-2p3c-p3qw-69r4

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
highlight.js GHSA-7wwv-vh3v-89cq 中危 10.2.1 10.4.1 ReDOS vulnerabities: multiple grammars

漏洞详情: https://github.com/advisories/GHSA-7wwv-vh3v-89cq

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
node-uuid CVE-2015-8851 中危 1.4.1 >=1.4.4 nodejs-node-uuid: insecure entropy source - Math.random()

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-8851

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2020-01-30 21:15 修改: 2020-02-05 17:26
nodemailer GHSA-9h6g-pr28-7cqp 中危 6.9.1 6.9.9 nodemailer ReDoS when trying to send a specially crafted email

漏洞详情: https://github.com/advisories/GHSA-9h6g-pr28-7cqp

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
passport CVE-2022-25896 中危 0.4.1 0.6.0 passport: incorrect session regeneration

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25896

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-07-01 20:15 修改: 2022-07-13 16:55
passport-oauth2 CVE-2021-41580 中危 1.2.0 1.6.1 Improper Access Control in passport-oauth2

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41580

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2021-09-27 07:15 修改: 2024-08-04 04:15
highlight.js GHSA-7wwv-vh3v-89cq 中危 10.3.1 10.4.1 ReDOS vulnerabities: multiple grammars

漏洞详情: https://github.com/advisories/GHSA-7wwv-vh3v-89cq

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
pug CVE-2024-36361 中危 3.0.2 3.0.3 Pug allows JavaScript code execution if an application accepts untrusted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36361

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-05-24 06:15 修改: 2024-08-02 04:17
request CVE-2023-28155 中危 2.88.2 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15
axios CVE-2023-45857 中危 0.21.4 1.6.0, 0.28.0 axios: exposure of confidential data stored in cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45857

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-11-08 21:15 修改: 2024-06-21 19:15
katex CVE-2024-28243 中危 0.12.0 0.16.10 KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28243

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-03-25 20:15 修改: 2024-03-26 12:55
send CVE-2024-43799 中危 0.18.0 0.19.0 send: Code Execution Vulnerability in Send Library

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43799

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:57
serve-static CVE-2024-43800 中危 1.15.0 1.16.0, 2.1.0 serve-static: Improper Sanitization in serve-static

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43800

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-09-10 15:15 修改: 2024-09-20 17:36
katex CVE-2024-28245 中危 0.12.0 0.16.10 KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28245

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-03-25 20:15 修改: 2024-03-26 12:55
tough-cookie CVE-2023-26136 中危 2.5.0 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
tough-cookie CVE-2023-26136 中危 3.0.1 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
katex CVE-2024-28246 中危 0.12.0 0.16.10 KaTeX is a JavaScript library for TeX math rendering on the web. Code ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28246

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-03-25 20:15 修改: 2024-03-26 12:55
cross-fetch CVE-2022-1365 中危 1.1.1 3.1.5, 2.2.6 cross-fetch: Exposure of Private Personal Information to an Unauthorized Actor

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1365

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-04-15 23:15 修改: 2022-11-22 19:16
validate.js CVE-2020-26308 中危 0.13.1 validate.js Regular Expression Denial of Service vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26308

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-10-26 21:15 修改: 2024-10-28 13:58
cross-fetch CVE-2022-1365 中危 3.0.6 3.1.5, 2.2.6 cross-fetch: Exposure of Private Personal Information to an Unauthorized Actor

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1365

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-04-15 23:15 修改: 2022-11-22 19:16
cross-fetch CVE-2022-1365 中危 3.1.4 3.1.5, 2.2.6 cross-fetch: Exposure of Private Personal Information to an Unauthorized Actor

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1365

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2022-04-15 23:15 修改: 2022-11-22 19:16
ws CVE-2021-32640 中危 7.4.5 7.4.6, 6.2.2, 5.2.3 nodejs-ws: Specially crafted value of the `Sec-Websocket-Protocol` header can be used to significantly slow down a ws server

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32640

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2021-05-25 19:15 修改: 2023-11-07 03:35
ws CVE-2021-32640 中危 7.4.5 7.4.6, 6.2.2, 5.2.3 nodejs-ws: Specially crafted value of the `Sec-Websocket-Protocol` header can be used to significantly slow down a ws server

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32640

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2021-05-25 19:15 修改: 2023-11-07 03:35
xml2js CVE-2023-0842 中危 0.4.19 0.5.0 node-xml2js: xml2js is vulnerable to prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0842

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-04-05 20:15 修改: 2024-03-14 21:15
xml2js CVE-2023-0842 中危 0.4.23 0.5.0 node-xml2js: xml2js is vulnerable to prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0842

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-04-05 20:15 修改: 2024-03-14 21:15
xml2js CVE-2023-0842 中危 0.4.4 0.5.0 node-xml2js: xml2js is vulnerable to prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0842

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2023-04-05 20:15 修改: 2024-03-14 21:15
cookie CVE-2024-47764 低危 0.4.1 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
debug CVE-2017-16137 低危 4.1.1 2.6.9, 3.1.0, 3.2.7, 4.3.1 nodejs-debug: Regular expression Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16137

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2018-06-07 02:29 修改: 2023-11-07 02:40
cookie CVE-2024-47764 低危 0.4.2 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
cookie CVE-2024-47764 低危 0.5.0 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
cookie CVE-2024-47764 低危 0.3.1 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:9513b78ffe7db2cb161d82da54ababf4906729cf4d53d61cfbcc2bb7399f4cfd

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48