docker.io/node:21-alpine linux/amd64

docker.io/node:21-alpine - Trivy安全扫描结果扫描时间: 2025-02-13 17:02

全部漏洞信息

低危漏洞:2

中危漏洞:13

高危漏洞:1

严重漏洞:0

系统OS: alpine 3.20.0 扫描引擎: Trivy 扫描时间: 2025-02-13 17:02

docker.io/node:21-alpine (alpine 3.20.0) (alpine)

低危漏洞:2

中危漏洞:12

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
busybox	CVE-2023-42364	中危	1.36.1-r28	1.36.1-r29	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
busybox	CVE-2023-42365	中危	1.36.1-r28	1.36.1-r29	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
busybox-binsh	CVE-2023-42364	中危	1.36.1-r28	1.36.1-r29	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
busybox-binsh	CVE-2023-42365	中危	1.36.1-r28	1.36.1-r29	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
libcrypto3	CVE-2024-4741	中危	3.3.0-r2	3.3.0-r3	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
libcrypto3	CVE-2024-5535	中危	3.3.0-r2	3.3.1-r1	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libcrypto3	CVE-2024-6119	中危	3.3.0-r2	3.3.2-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
libssl3	CVE-2024-4741	中危	3.3.0-r2	3.3.0-r3	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
libssl3	CVE-2024-5535	中危	3.3.0-r2	3.3.1-r1	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libssl3	CVE-2024-6119	中危	3.3.0-r2	3.3.2-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
ssl_client	CVE-2023-42364	中危	1.36.1-r28	1.36.1-r29	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
ssl_client	CVE-2023-42365	中危	1.36.1-r28	1.36.1-r29	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
libcrypto3	CVE-2024-9143	低危	3.3.0-r2	3.3.2-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libssl3	CVE-2024-9143	低危	3.3.0-r2	3.3.2-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35

Node.js (node-pkg)

低危漏洞:0

中危漏洞:1

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
cross-spawn	CVE-2024-21538	高危	7.0.3	7.0.5, 6.0.6	cross-spawn: regular expression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538 镜像层: sha256:4dd0418cbdf984db8b6c3143ee155c3adda63296ae2f3d2aa52b63396f71b507 发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15
tar	CVE-2024-28863	中危	6.2.0	6.2.1	node-tar: denial of service while parsing a tar file due to lack of folders depth validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863 镜像层: sha256:4dd0418cbdf984db8b6c3143ee155c3adda63296ae2f3d2aa52b63396f71b507 发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

cross-spawn

CVE-2024-21538

高危

7.0.3

7.0.5, 6.0.6

cross-spawn: regular expression denial of service