docker.io/verdaccio/verdaccio:6.8 linux/amd64

docker.io/verdaccio/verdaccio:6.8 - Trivy安全扫描结果 扫描时间: 2026-07-15 13:08
全部漏洞信息
低危漏洞:0 中危漏洞:10 高危漏洞:2 严重漏洞:0

系统OS: alpine 3.23.4 扫描引擎: Trivy 扫描时间: 2026-07-15 13:08

docker.io/verdaccio/verdaccio:6.8 (alpine 3.23.4) (alpine)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Node.js (node-pkg)
低危漏洞:0 中危漏洞:10 高危漏洞:2 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
picomatch CVE-2026-33671 高危 4.0.3 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33671

镜像层: sha256:1162d08df74cbafeaf49341a64985a65ed1966fb1f267543135d65555918dded

发布日期: 2026-03-26 22:16 修改: 2026-06-17 10:37

sigstore CVE-2026-48815 高危 4.1.0 4.1.1 sigstore's `certificateOIDs` verification constraints are silently dropped and never enforced

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48815

镜像层: sha256:1162d08df74cbafeaf49341a64985a65ed1966fb1f267543135d65555918dded

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

brace-expansion CVE-2026-33750 中危 5.0.4 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:1162d08df74cbafeaf49341a64985a65ed1966fb1f267543135d65555918dded

发布日期: 2026-03-27 15:16 修改: 2026-06-17 10:38

brace-expansion CVE-2026-45149 中危 5.0.4 5.0.6 brace-expansion: brace-expansion: Denial of Service due to excessive memory allocation when expanding large numeric ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45149

镜像层: sha256:1162d08df74cbafeaf49341a64985a65ed1966fb1f267543135d65555918dded

发布日期: 2026-05-29 20:16 修改: 2026-06-17 10:51

ip-address CVE-2026-42338 中危 10.1.0 10.1.1 ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:1162d08df74cbafeaf49341a64985a65ed1966fb1f267543135d65555918dded

发布日期: 2026-05-12 20:16 修改: 2026-07-13 13:16

js-yaml CVE-2026-53550 中危 4.1.1 4.2.0, 3.15.0 js-yaml: js-yaml: Denial of Service via crafted YAML merge keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53550

镜像层: sha256:3e4a6cd2be283f41fa22dab9a57e121e0daad4323cd28d9b1393a0897e7fc843

发布日期: 2026-06-22 16:16 修改: 2026-07-09 20:33

@sigstore/core CVE-2026-48758 中危 3.2.0 3.2.1 @sigstore/core has DSSE payloadType type-binding failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48758

镜像层: sha256:1162d08df74cbafeaf49341a64985a65ed1966fb1f267543135d65555918dded

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

picomatch CVE-2026-33672 中危 4.0.3 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33672

镜像层: sha256:1162d08df74cbafeaf49341a64985a65ed1966fb1f267543135d65555918dded

发布日期: 2026-03-26 22:16 修改: 2026-06-17 10:37

qs CVE-2026-8723 中危 6.14.2 6.15.2 ### Summary `qs.stringify` throws `TypeError` when called with `arr ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8723

镜像层: sha256:3e4a6cd2be283f41fa22dab9a57e121e0daad4323cd28d9b1393a0897e7fc843

发布日期: 2026-05-17 00:16 修改: 2026-06-17 11:04

@sigstore/verify CVE-2026-48816 中危 3.1.0 3.1.1 sigstore-js has Insufficient Verification of Data Authenticity

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48816

镜像层: sha256:1162d08df74cbafeaf49341a64985a65ed1966fb1f267543135d65555918dded

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

tar CVE-2026-53655 中危 7.5.11 7.5.16 node-tar: node-tar: File smuggling due to inconsistent tar archive parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655

镜像层: sha256:1162d08df74cbafeaf49341a64985a65ed1966fb1f267543135d65555918dded

发布日期: 2026-06-22 16:16 修改: 2026-06-26 20:03

uuid CVE-2026-41907 中危 8.3.2 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41907

镜像层: sha256:3e4a6cd2be283f41fa22dab9a57e121e0daad4323cd28d9b1393a0897e7fc843

发布日期: 2026-04-24 19:17 修改: 2026-06-17 10:47

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×