docker.io/langfuse/langfuse-worker:3.197.1 linux/amd64

docker.io/langfuse/langfuse-worker:3.197.1 - Trivy安全扫描结果 扫描时间: 2026-06-25 20:46
全部漏洞信息
低危漏洞:1 中危漏洞:11 高危漏洞:2 严重漏洞:0

系统OS: alpine 3.24.1 扫描引擎: Trivy 扫描时间: 2026-06-25 20:46

docker.io/langfuse/langfuse-worker:3.197.1 (alpine 3.24.1) (alpine)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Node.js (node-pkg)
低危漏洞:1 中危漏洞:11 高危漏洞:2 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
nodemailer GHSA-p6gq-j5cr-w38f 高危 7.0.13 9.0.1 Nodemailer: Message-level raw option bypasses disableFileAccess/disableUrlAccess, enabling arbitrary file read and full-response SSRF in the delivered message

漏洞详情: https://github.com/advisories/GHSA-p6gq-j5cr-w38f

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-06-18 14:28 修改: 2026-06-18 14:28
path-to-regexp CVE-2026-4926 高危 8.3.0 8.4.0 path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4926

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-03-26 19:17 修改: 2026-06-17 10:57
nodemailer GHSA-r7g4-qg5f-qqm2 中危 7.0.13 8.0.8 Nodemailer: Improper TLS Certificate Validation in OAuth2 Token Fetch Enables Credential Interception

漏洞详情: https://github.com/advisories/GHSA-r7g4-qg5f-qqm2

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-06-15 17:34 修改: 2026-06-15 17:34
nodemailer GHSA-vvjj-xcjg-gr5g 中危 7.0.13 8.0.5 Nodemailer Vulnerable to SMTP Command Injection via CRLF in Transport name Option (EHLO/HELO)

漏洞详情: https://github.com/advisories/GHSA-vvjj-xcjg-gr5g

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-04-08 15:05 修改: 2026-04-08 15:05
nodemailer GHSA-wqvq-jvpq-h66f 中危 7.0.13 8.0.9 Nodemailer jsonTransport bypasses disableFileAccess and disableUrlAccess during message normalization

漏洞详情: https://github.com/advisories/GHSA-wqvq-jvpq-h66f

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-06-15 17:35 修改: 2026-06-15 17:35
nodemailer GHSA-268h-hp4c-crq3 中危 7.0.13 8.0.9 Nodemailer: CRLF injection in Nodemailer List-* header comments allows arbitrary message header injection

漏洞详情: https://github.com/advisories/GHSA-268h-hp4c-crq3

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-06-15 17:36 修改: 2026-06-15 17:36
path-to-regexp CVE-2026-4923 中危 8.3.0 8.4.0 path-to-regexp: path-to-regexp: Denial of Service via specially crafted paths with multiple wildcards

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4923

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-03-26 19:17 修改: 2026-06-17 10:57
postcss CVE-2026-41305 中危 8.4.31 8.5.10 postcss: PostCSS: Cross-Site Scripting (XSS) via improper escaping of style closing tags

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41305

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-04-24 03:16 修改: 2026-06-17 10:46
uuid CVE-2026-41907 中危 10.0.0 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41907

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-04-24 19:17 修改: 2026-06-17 10:47
uuid CVE-2026-41907 中危 13.0.0 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41907

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-04-24 19:17 修改: 2026-06-17 10:47
uuid CVE-2026-41907 中危 3.3.3 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41907

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-04-24 19:17 修改: 2026-06-17 10:47
uuid CVE-2026-41907 中危 8.3.2 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41907

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-04-24 19:17 修改: 2026-06-17 10:47
uuid CVE-2026-41907 中危 9.0.1 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41907

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-04-24 19:17 修改: 2026-06-17 10:47
nodemailer GHSA-c7w3-x93f-qmm8 低危 7.0.13 8.0.4 Nodemailer has SMTP command injection due to unsanitized `envelope.size` parameter

漏洞详情: https://github.com/advisories/GHSA-c7w3-x93f-qmm8

镜像层: sha256:f09c81fd076081f0b959c287ea88dfff0a2a9efd828098c95279c38fc5a5e987

发布日期: 2026-03-26 22:26 修改: 2026-03-26 22:26
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×