docker.io/n8nio/runners:stable - Trivy镜像安全扫描结果

全部漏洞信息

低危漏洞:0

中危漏洞:4

高危漏洞:2

严重漏洞:0

系统OS: alpine 3.24.1 扫描引擎: Trivy 扫描时间: 2026-06-23 18:09

docker.io/n8nio/runners:stable (alpine 3.24.1) (alpine)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

Node.js (node-pkg)

低危漏洞:0

中危漏洞:2

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
form-data	CVE-2026-12143	高危	4.0.4	2.5.6, 3.0.5, 4.0.6	form-data is a library for creating readable multipart/form-data strea ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12143 镜像层: sha256:04caede9009b055fac503007d16bdbfd8add3ebe9c8574a2ddb186cde51ca0e4 发布日期: 2026-06-12 19:16 修改: 2026-06-16 15:42
file-type	CVE-2026-31808	中危	16.5.4	21.3.1	file-type: file-type: Denial of Service due to infinite loop in ASF file parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31808 镜像层: sha256:04caede9009b055fac503007d16bdbfd8add3ebe9c8574a2ddb186cde51ca0e4 发布日期: 2026-03-10 21:16 修改: 2026-03-18 19:48
@opentelemetry/core	CVE-2026-54285	中危	2.7.1	2.8.0	OpenTelemetry Core: Unbounded memory allocation in W3C Baggage propagation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54285 镜像层: sha256:04caede9009b055fac503007d16bdbfd8add3ebe9c8574a2ddb186cde51ca0e4 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

form-data

CVE-2026-12143

高危

4.0.4

2.5.6, 3.0.5, 4.0.6

form-data is a library for creating readable multipart/form-data strea ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12143

镜像层: sha256:04caede9009b055fac503007d16bdbfd8add3ebe9c8574a2ddb186cde51ca0e4

发布日期: 2026-06-12 19:16 修改: 2026-06-16 15:42

file-type

CVE-2026-31808

中危

16.5.4

21.3.1

file-type: file-type: Denial of Service due to infinite loop in ASF file parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31808

镜像层: sha256:04caede9009b055fac503007d16bdbfd8add3ebe9c8574a2ddb186cde51ca0e4

发布日期: 2026-03-10 21:16 修改: 2026-03-18 19:48

@opentelemetry/core

CVE-2026-54285

中危

2.7.1

2.8.0

OpenTelemetry Core: Unbounded memory allocation in W3C Baggage propagation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54285

镜像层: sha256:04caede9009b055fac503007d16bdbfd8add3ebe9c8574a2ddb186cde51ca0e4

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

Python (python-pkg)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/local/bin/task-runner-launcher (gobinary)

低危漏洞:0

中危漏洞:2

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2026-42504	高危	v1.25.10	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:e14d83df83c05f93c1e592fe666839758e204be0275fd66c8e506d88d59c5b42 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.25.10	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:e14d83df83c05f93c1e592fe666839758e204be0275fd66c8e506d88d59c5b42 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-42507	中危	v1.25.10	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:e14d83df83c05f93c1e592fe666839758e204be0275fd66c8e506d88d59c5b42 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
golang.org/x/sys	CVE-2026-39824	未知	v0.18.0	0.44.0	Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824 镜像层: sha256:e14d83df83c05f93c1e592fe666839758e204be0275fd66c8e506d88d59c5b42 发布日期: 2026-05-22 20:16 修改: 2026-05-27 14:16

docker.io/n8nio/runners:stable linux/amd64

全部漏洞信息

docker.io/n8nio/runners:stable (alpine 3.24.1) (alpine)

Node.js (node-pkg)

Python (python-pkg)

usr/local/bin/task-runner-launcher (gobinary)