ghcr.io/wekan/wekan:latest linux/amd64

ghcr.io/wekan/wekan:latest - Trivy安全扫描结果 扫描时间: 2024-11-19 16:27
全部漏洞信息
低危漏洞:12 中危漏洞:23 高危漏洞:44 严重漏洞:2

系统OS: ubuntu 24.10 扫描引擎: Trivy 扫描时间: 2024-11-19 16:27

ghcr.io/wekan/wekan:latest (ubuntu 24.10) (ubuntu)
低危漏洞:5 中危漏洞:1 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libgcrypt20 CVE-2024-2236 中危 1.11.0-6ubuntu1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:c3d6458475ed75e25b2d19bbdd6886eddb252889415eb82dcf80b3bc6a77e815

发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15
gpgv CVE-2022-3219 低危 2.4.4-2ubuntu18 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:c3d6458475ed75e25b2d19bbdd6886eddb252889415eb82dcf80b3bc6a77e815

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libc-bin CVE-2016-20013 低危 2.40-1ubuntu3

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:c3d6458475ed75e25b2d19bbdd6886eddb252889415eb82dcf80b3bc6a77e815

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libc6 CVE-2016-20013 低危 2.40-1ubuntu3

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:c3d6458475ed75e25b2d19bbdd6886eddb252889415eb82dcf80b3bc6a77e815

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
coreutils CVE-2016-2781 低危 9.4-3.1ubuntu1 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:c3d6458475ed75e25b2d19bbdd6886eddb252889415eb82dcf80b3bc6a77e815

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libssl3t64 CVE-2024-41996 低危 3.3.1-2ubuntu2 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:c3d6458475ed75e25b2d19bbdd6886eddb252889415eb82dcf80b3bc6a77e815

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
Node.js (node-pkg)
低危漏洞:7 中危漏洞:22 高危漏洞:44 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
@babel/traverse CVE-2023-45133 严重 7.22.8 7.23.2, 8.0.0-alpha.4 babel: arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45133

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-10-12 17:15 修改: 2023-10-24 16:52
lodash CVE-2019-10744 严重 3.10.1 4.17.12 nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10744

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2019-07-26 00:15 修改: 2024-01-21 02:45
ansi-regex CVE-2021-3807 高危 4.1.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
basic-auth-connect CVE-2024-47178 高危 1.0.0 1.1.0 basic-auth-connect: timing-unsafe equality comparison can leak timing information

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47178

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-09-30 16:15 修改: 2024-11-15 18:05
body-parser CVE-2024-45590 高危 1.19.0 1.20.3 body-parser: Denial of Service Vulnerability in body-parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45590

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-09-10 16:15 修改: 2024-09-20 16:26
body-parser CVE-2024-45590 高危 1.19.0 1.20.3 body-parser: Denial of Service Vulnerability in body-parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45590

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-09-10 16:15 修改: 2024-09-20 16:26
cross-spawn CVE-2024-21538 高危 5.1.0 7.0.5 Regular Expression Denial of Service (ReDoS) in cross-spawn

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-11-08 05:15 修改: 2024-11-08 19:01
cross-spawn CVE-2024-21538 高危 7.0.3 7.0.5 Regular Expression Denial of Service (ReDoS) in cross-spawn

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-11-08 05:15 修改: 2024-11-08 19:01
css-what CVE-2022-21222 高危 1.0.0 2.1.3 css-what: ReDoS due to insecure regular expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21222

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-09-30 05:15 修改: 2023-08-08 14:22
decode-uri-component CVE-2022-38900 高危 0.2.0 0.2.1 decode-uri-component: improper input validation resulting in DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38900

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-11-28 13:15 修改: 2023-11-07 03:50
fstream CVE-2019-13173 高危 1.0.8 1.0.12 nodejs-fstream: File overwrite in fstream.DirWriter() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13173

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2019-07-02 20:15 修改: 2020-08-24 17:37
http-cache-semantics CVE-2022-25881 高危 3.8.1 4.1.1 http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25881

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-01-31 05:15 修改: 2023-11-07 03:44
http-cache-semantics CVE-2022-25881 高危 3.8.1 4.1.1 http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25881

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-01-31 05:15 修改: 2023-11-07 03:44
ip CVE-2024-29415 高危 1.1.5 node-ip: Incomplete fix for CVE-2023-42282

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
ip CVE-2024-29415 高危 1.1.5 node-ip: Incomplete fix for CVE-2023-42282

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
ip CVE-2024-29415 高危 2.0.0 node-ip: Incomplete fix for CVE-2023-42282

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
ip CVE-2024-29415 高危 2.0.0 node-ip: Incomplete fix for CVE-2023-42282

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
json5 CVE-2022-46175 高危 2.1.1 2.2.2, 1.0.2 json5: Prototype Pollution in JSON5 via Parse Method

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46175

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-12-24 04:15 修改: 2023-11-26 01:15
ansi-regex CVE-2021-3807 高危 3.0.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
lodash CVE-2018-16487 高危 3.10.1 >=4.17.11 lodash: Prototype pollution in utilities function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16487

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2019-02-01 18:29 修改: 2020-09-18 16:38
lodash CVE-2020-8203 高危 3.10.1 4.17.19 nodejs-lodash: prototype pollution in zipObjectDeep function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8203

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2020-07-15 17:15 修改: 2024-01-21 02:37
lodash CVE-2021-23337 高危 3.10.1 4.17.21 nodejs-lodash: command injection via template

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23337

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2021-02-15 13:15 修改: 2022-09-13 21:25
lodash.template CVE-2021-23337 高危 4.5.0 nodejs-lodash: command injection via template

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23337

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2021-02-15 13:15 修改: 2022-09-13 21:25
minimatch CVE-2022-3517 高危 3.0.4 3.0.5 nodejs-minimatch: ReDoS via the braceExpand function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51
moment CVE-2022-24785 高危 2.29.1 2.29.2 Moment.js: Path traversal in moment.locale

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24785

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-04-04 17:15 修改: 2023-11-07 03:44
moment CVE-2022-31129 高危 2.29.1 2.29.4 moment: inefficient parsing algorithm resulting in DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31129

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-07-06 18:15 修改: 2023-11-07 03:47
nth-check CVE-2021-3803 高危 1.0.2 2.0.1 nodejs-nth-check: inefficient regular expression complexity

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3803

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2021-09-17 07:15 修改: 2023-07-10 18:52
path-to-regexp CVE-2024-45296 高危 1.2.1 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 path-to-regexp: Backtracking regular expressions cause ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09
path-to-regexp CVE-2024-45296 高危 6.2.1 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 path-to-regexp: Backtracking regular expressions cause ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09
qs CVE-2017-1000048 高危 5.2.0 6.0.4, 6.1.2, 6.2.3, 6.3.2 nodejs-qs: Prototype override protection bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-1000048

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2017-07-17 13:18 修改: 2017-12-31 02:29
qs CVE-2022-24999 高危 5.2.0 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
qs CVE-2022-24999 高危 6.4.0 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
qs CVE-2022-24999 高危 6.5.2 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
qs CVE-2022-24999 高危 6.7.0 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
qs CVE-2022-24999 高危 6.7.0 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15
semver CVE-2022-25883 高危 5.3.0 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 5.4.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 5.4.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 5.7.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 6.3.0 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
semver CVE-2022-25883 高危 7.3.8 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44
sqlite3 CVE-2022-21227 高危 5.0.2 5.0.3 sqlite3: Denial of Service (DoS) in sqlite3

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21227

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-05-01 16:15 修改: 2022-05-11 14:10
sqlite3 CVE-2022-43441 高危 5.0.2 5.1.5 A code execution vulnerability exists in the Statement Bindings functi ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43441

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-03-16 21:15 修改: 2023-03-22 21:01
tar CVE-2021-32804 高危 2.2.2 3.2.2, 4.4.14, 5.0.6, 6.1.1 nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32804

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2021-08-03 19:15 修改: 2022-04-25 19:12
tar CVE-2021-37713 高危 2.2.2 4.4.18, 5.0.10, 6.1.9 nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37713

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2021-08-31 17:15 修改: 2022-04-25 18:40
ws CVE-2024-37890 高危 7.4.5 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
postcss CVE-2023-44270 中危 8.4.21 8.4.31 An issue was discovered in PostCSS before 8.4.31. The vulnerability af ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44270

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-09-29 22:15 修改: 2023-10-10 17:19
follow-redirects CVE-2024-28849 中危 1.15.2 1.15.6 follow-redirects: Possible credential leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28849

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-03-14 17:15 修改: 2024-03-23 03:15
follow-redirects CVE-2023-26159 中危 1.15.2 1.15.4 follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26159

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-01-02 05:15 修改: 2024-01-23 03:15
got CVE-2022-33987 中危 6.7.1 12.1.0, 11.8.5 nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-33987

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-06-18 21:15 修改: 2022-06-28 16:15
nodemailer GHSA-9h6g-pr28-7cqp 中危 6.6.3 6.9.9 nodemailer ReDoS when trying to send a specially crafted email

漏洞详情: https://github.com/advisories/GHSA-9h6g-pr28-7cqp

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
send CVE-2024-43799 中危 0.18.0 0.19.0 send: Code Execution Vulnerability in Send Library

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43799

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:57
lodash CVE-2019-1010266 中危 3.10.1 4.17.11 lodash: uncontrolled resource consumption in Data handler causing denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010266

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2019-07-17 21:15 修改: 2020-09-30 13:40
lodash CVE-2020-28500 中危 3.10.1 4.17.21 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28500

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2021-02-15 11:15 修改: 2022-09-13 21:18
request CVE-2023-28155 中危 2.88.0 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15
request CVE-2023-28155 中危 2.88.2 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15
tar CVE-2024-28863 中危 2.2.2 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
tar CVE-2024-28863 中危 4.4.19 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
tar CVE-2024-28863 中危 4.4.19 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
tar CVE-2024-28863 中危 4.4.19 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
tar CVE-2024-28863 中危 6.1.11 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
tar CVE-2024-28863 中危 6.1.13 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
tough-cookie CVE-2023-26136 中危 2.4.3 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
tough-cookie CVE-2023-26136 中危 2.5.0 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
useragent CVE-2020-26311 中危 2.3.0 Useragent: GHSL-2020-312: Regular Expression Denial of Service (ReDoS) in useragent

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26311

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-10-26 21:15 修改: 2024-10-30 18:07
got CVE-2022-33987 中危 9.6.0 12.1.0, 11.8.5 nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-33987

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2022-06-18 21:15 修改: 2022-06-28 16:15
ws CVE-2021-32640 中危 7.4.5 7.4.6, 6.2.2, 5.2.3 nodejs-ws: Specially crafted value of the `Sec-Websocket-Protocol` header can be used to significantly slow down a ws server

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32640

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2021-05-25 19:15 修改: 2023-11-07 03:35
xml2js CVE-2023-0842 中危 0.4.17 0.5.0 node-xml2js: xml2js is vulnerable to prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0842

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2023-04-05 20:15 修改: 2024-03-14 21:15
ip CVE-2023-42282 低危 1.1.5 2.0.1, 1.1.9 nodejs-ip: arbitrary code execution via the isPublic() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14
lodash CVE-2018-3721 低危 3.10.1 >=4.17.5 lodash: Prototype pollution in utilities function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-3721

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2018-06-07 02:29 修改: 2024-02-16 16:54
ip CVE-2023-42282 低危 1.1.5 2.0.1, 1.1.9 nodejs-ip: arbitrary code execution via the isPublic() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14
es5-ext CVE-2024-27088 低危 0.10.62 0.10.63 es5-ext contains ECMAScript 5 extensions. Passing functions with very ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27088

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-02-26 17:15 修改: 2024-02-26 22:10
cookie CVE-2024-47764 低危 0.4.1 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
ip CVE-2023-42282 低危 2.0.0 2.0.1, 1.1.9 nodejs-ip: arbitrary code execution via the isPublic() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14
ip CVE-2023-42282 低危 2.0.0 2.0.1, 1.1.9 nodejs-ip: arbitrary code execution via the isPublic() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282

镜像层: sha256:c0faa0dfbb741d4d49832bada59f09e1f7e14ef97de621b52d45560e97f88797

发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14