docker.io/langfuse/langfuse:3.205.1 linux/amd64

docker.io/langfuse/langfuse:3.205.1 - Trivy安全扫描结果 扫描时间: 2026-07-13 17:10
全部漏洞信息
低危漏洞:1 中危漏洞:9 高危漏洞:2 严重漏洞:0

系统OS: alpine 3.24.1 扫描引擎: Trivy 扫描时间: 2026-07-13 17:10

docker.io/langfuse/langfuse:3.205.1 (alpine 3.24.1) (alpine)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Node.js (node-pkg)
低危漏洞:1 中危漏洞:8 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
nodemailer GHSA-p6gq-j5cr-w38f 高危 7.0.13 9.0.1 Nodemailer: Message-level raw option bypasses disableFileAccess/disableUrlAccess, enabling arbitrary file read and full-response SSRF in the delivered message

漏洞详情: https://github.com/advisories/GHSA-p6gq-j5cr-w38f

镜像层: sha256:ca97545564fff5072830ae95a420bbf091fb8d67c9a9cd7953cd1bb86c197a8d

发布日期: 2026-06-18 14:28 修改: 2026-06-18 14:28

js-yaml CVE-2026-53550 中危 3.14.2 4.2.0, 3.15.0 js-yaml: js-yaml: Denial of Service via crafted YAML merge keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53550

镜像层: sha256:ca97545564fff5072830ae95a420bbf091fb8d67c9a9cd7953cd1bb86c197a8d

发布日期: 2026-06-22 16:16 修改: 2026-07-09 20:33

nodemailer GHSA-268h-hp4c-crq3 中危 7.0.13 8.0.9 Nodemailer: CRLF injection in Nodemailer List-* header comments allows arbitrary message header injection

漏洞详情: https://github.com/advisories/GHSA-268h-hp4c-crq3

镜像层: sha256:ca97545564fff5072830ae95a420bbf091fb8d67c9a9cd7953cd1bb86c197a8d

发布日期: 2026-06-15 17:36 修改: 2026-06-15 17:36

nodemailer GHSA-r7g4-qg5f-qqm2 中危 7.0.13 8.0.8 Nodemailer: Improper TLS Certificate Validation in OAuth2 Token Fetch Enables Credential Interception

漏洞详情: https://github.com/advisories/GHSA-r7g4-qg5f-qqm2

镜像层: sha256:ca97545564fff5072830ae95a420bbf091fb8d67c9a9cd7953cd1bb86c197a8d

发布日期: 2026-06-15 17:34 修改: 2026-06-15 17:34

nodemailer GHSA-vvjj-xcjg-gr5g 中危 7.0.13 8.0.5 Nodemailer Vulnerable to SMTP Command Injection via CRLF in Transport name Option (EHLO/HELO)

漏洞详情: https://github.com/advisories/GHSA-vvjj-xcjg-gr5g

镜像层: sha256:ca97545564fff5072830ae95a420bbf091fb8d67c9a9cd7953cd1bb86c197a8d

发布日期: 2026-04-08 15:05 修改: 2026-04-08 15:05

nodemailer GHSA-wqvq-jvpq-h66f 中危 7.0.13 8.0.9 Nodemailer jsonTransport bypasses disableFileAccess and disableUrlAccess during message normalization

漏洞详情: https://github.com/advisories/GHSA-wqvq-jvpq-h66f

镜像层: sha256:ca97545564fff5072830ae95a420bbf091fb8d67c9a9cd7953cd1bb86c197a8d

发布日期: 2026-06-15 17:35 修改: 2026-06-15 17:35

uuid CVE-2026-41907 中危 3.3.3 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41907

镜像层: sha256:ca97545564fff5072830ae95a420bbf091fb8d67c9a9cd7953cd1bb86c197a8d

发布日期: 2026-04-24 19:17 修改: 2026-06-17 10:47

uuid CVE-2026-41907 中危 8.3.2 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41907

镜像层: sha256:ca97545564fff5072830ae95a420bbf091fb8d67c9a9cd7953cd1bb86c197a8d

发布日期: 2026-04-24 19:17 修改: 2026-06-17 10:47

uuid CVE-2026-41907 中危 9.0.1 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41907

镜像层: sha256:ca97545564fff5072830ae95a420bbf091fb8d67c9a9cd7953cd1bb86c197a8d

发布日期: 2026-04-24 19:17 修改: 2026-06-17 10:47

nodemailer GHSA-c7w3-x93f-qmm8 低危 7.0.13 8.0.4 Nodemailer has SMTP command injection due to unsanitized `envelope.size` parameter

漏洞详情: https://github.com/advisories/GHSA-c7w3-x93f-qmm8

镜像层: sha256:ca97545564fff5072830ae95a420bbf091fb8d67c9a9cd7953cd1bb86c197a8d

发布日期: 2026-03-26 22:26 修改: 2026-03-26 22:26

usr/bin/migrate (gobinary)
低危漏洞:0 中危漏洞:1 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2026-39822 高危 v1.26.4 1.25.12, 1.26.5, 1.27.0-rc.2 os: golang: Go os.Root: Symlink following vulnerability allows directory traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39822

镜像层: sha256:0d8719c3ae641153c70b1d9bbabba77737116b8bd452912d17b29d0e11a3a2bc

发布日期: 2026-07-08 17:17 修改: 2026-07-10 18:57

stdlib CVE-2026-42505 中危 v1.26.4 1.25.12, 1.26.5, 1.27.0-rc.2 crypto/tls: golang: Go crypto/tls: Information disclosure in Encrypted Client Hello

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42505

镜像层: sha256:0d8719c3ae641153c70b1d9bbabba77737116b8bd452912d17b29d0e11a3a2bc

发布日期: 2026-07-08 17:17 修改: 2026-07-10 18:57

/app/web/.next/server/chunks/ssr/web_src_features_15zyap1._.js ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/web/.next/static/chunks/01syo5yh87-ux.js ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/web/.next/static/chunks/04vy8ee8ixhpj.js ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/web/.next/static/chunks/1rldf_en38sgh.js ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/web/.next/static/chunks/2r63kdks5m7_c.js ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×