docker.io/node:22.22.3-alpine3.23 linux/amd64

docker.io/node:22.22.3-alpine3.23 - Trivy安全扫描结果扫描时间: 2026-05-15 17:43

全部漏洞信息

低危漏洞:0

中危漏洞:3

高危漏洞:1

严重漏洞:0

系统OS: alpine 3.23.4 扫描引擎: Trivy 扫描时间: 2026-05-15 17:43

docker.io/node:22.22.3-alpine3.23 (alpine 3.23.4) (alpine)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

Node.js (node-pkg)

低危漏洞:0

中危漏洞:3

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
picomatch	CVE-2026-33671	高危	4.0.3	4.0.4, 3.0.2, 2.3.2	picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33671 镜像层: sha256:b993ff69822c7aed848b28c18297707a2c5ebdb928476178ed97bfffbd3a0f25 发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:45
ip-address	CVE-2026-42338	中危	10.1.0	10.1.1	ip-address has XSS in Address6 HTML-emitting methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338 镜像层: sha256:b993ff69822c7aed848b28c18297707a2c5ebdb928476178ed97bfffbd3a0f25 发布日期: 2026-05-12 20:16 修改: 2026-05-12 20:16
brace-expansion	CVE-2026-33750	中危	2.0.2	5.0.5, 3.0.2, 2.0.3, 1.1.13	brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750 镜像层: sha256:b993ff69822c7aed848b28c18297707a2c5ebdb928476178ed97bfffbd3a0f25 发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
picomatch	CVE-2026-33672	中危	4.0.3	4.0.4, 3.0.2, 2.3.2	picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33672 镜像层: sha256:b993ff69822c7aed848b28c18297707a2c5ebdb928476178ed97bfffbd3a0f25 发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:44