ghcr.io/n8n-io/n8n:2.29.10 linux/amd64

ghcr.io/n8n-io/n8n:2.29.10 - Trivy安全扫描结果 扫描时间: 2026-07-13 17:16
全部漏洞信息
低危漏洞:3 中危漏洞:17 高危漏洞:19 严重漏洞:0

系统OS: alpine 3.24 扫描引擎: Trivy 扫描时间: 2026-07-13 17:16

ghcr.io/n8n-io/n8n:2.29.10 (alpine 3.24) (alpine)
低危漏洞:1 中危漏洞:15 高危漏洞:16 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
c-ares CVE-2026-33630 高危 1.34.6-r0 1.34.8-r0 c-ares: c-ares: Use-after-free / double-free in query-completion handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33630

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcurl CVE-2026-11352 高危 8.20.0-r1 8.21.0-r0 curl: libcurl: curl/libcurl: Remote denial of service via QUIC UDP receive function vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11352

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:01

libcurl CVE-2026-11586 高危 8.20.0-r1 8.21.0-r0 curl: curl: Denial of Service via WebSocket PING flood

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11586

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 17:59

libcurl CVE-2026-12064 高危 8.20.0-r1 8.21.0-r0 curl: curl: SSH host verification bypass when using schemeless URLs with SFTP/SCP

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12064

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 19:43

libcurl CVE-2026-8286 高危 8.20.0-r1 8.21.0-r0 curl: curl: Insecure connection establishment due to TLS configuration mismatch

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8286

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 19:42

libcurl CVE-2026-8925 高危 8.20.0-r1 8.21.0-r0 curl: curl: Double-free vulnerability in SASL authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8925

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 23:04

libcurl CVE-2026-8927 高危 8.20.0-r1 8.21.0-r0 libcurl: libcurl: Information disclosure due to uncleared proxy authentication state

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8927

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 23:21

libcurl CVE-2026-8932 高危 8.20.0-r1 8.21.0-r0 libcurl: libcurl: Security feature bypass due to improper mTLS connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8932

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 23:18

libcurl CVE-2026-9079 高危 8.20.0-r1 8.21.0-r0 libcurl: libcurl: Information disclosure due to failure to clear proxy authentication credentials

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9079

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 15:05

libcurl CVE-2026-9080 高危 8.20.0-r1 8.21.0-r0 libcurl: libcurl: Use-after-free via curl_easy_pause() in CURLMOPT_SOCKETFUNCTION callback

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9080

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 15:05

libcurl CVE-2026-9545 高危 8.20.0-r1 8.21.0-r0 libcurl: libcurl: Information disclosure via cached SSL session and early data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9545

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 15:03

libcurl CVE-2026-9546 高危 8.20.0-r1 8.21.0-r0 libcurl: libcurl: Information disclosure due to persistent Referer header

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9546

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 14:53

libcurl CVE-2026-9547 高危 8.20.0-r1 8.21.0-r0 curl: curl: Man-in-the-middle attack via SSH host key bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9547

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 14:52

libexpat CVE-2026-56131 高危 2.8.1-r0 2.8.2-r0 libexpat before 2.8.2 lacks handler call depth tracking for calls to X ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56131

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-06-19 06:17 修改: 2026-06-23 20:15

libexpat CVE-2026-56407 高危 2.8.1-r0 2.8.2-r0 libexpat before 2.8.2 has an integer overflow in doProlog that is rela ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56407

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:28

libexpat CVE-2026-56408 高危 2.8.1-r0 2.8.2-r0 libexpat before 2.8.2 has an integer overflow in copyString.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56408

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:27

libcurl CVE-2026-8924 中危 8.20.0-r1 8.21.0-r0 curl: curl: Cookie injection via malicious HTTP server using super cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8924

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 23:06

libcurl CVE-2026-8926 中危 8.20.0-r1 8.21.0-r0 curl: curl: Information disclosure via incorrect .netrc password lookup

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8926

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 23:02

libcurl CVE-2026-10536 中危 8.20.0-r1 8.21.0-r0 libcurl: libcurl: Use-after-free vulnerability leading to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:02

libcurl CVE-2026-11564 中危 8.20.0-r1 8.21.0-r0 libcurl: libcurl: Certificate validation bypass due to incorrect connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11564

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:00

libcurl CVE-2026-11856 中危 8.20.0-r1 8.21.0-r0 curl: curl: Information disclosure via incorrect Digest authentication header reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11856

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 19:43

libexpat CVE-2026-50219 中危 2.8.1-r0 2.8.2-r0 expat: libexpat: Use-after-free vulnerability due to improper handler call depth tracking

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50219

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-06-04 06:16 修改: 2026-06-17 10:57

libexpat CVE-2026-56132 中危 2.8.1-r0 2.8.2-r0 expat: libexpat: Arbitrary Code Execution via Heap-based Buffer Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56132

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-06-19 06:17 修改: 2026-06-23 20:15

libexpat CVE-2026-56403 中危 2.8.1-r0 2.8.2-r0 libexpat: libexpat: Arbitrary code execution due to integer overflow in storeAtts

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56403

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15

libexpat CVE-2026-56404 中危 2.8.1-r0 2.8.2-r0 libexpat before 2.8.2 has an integer overflow in addBinding.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56404

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15

libexpat CVE-2026-56405 中危 2.8.1-r0 2.8.2-r0 libexpat: libexpat: Information disclosure and arbitrary code execution via integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56405

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:14

libexpat CVE-2026-56406 中危 2.8.1-r0 2.8.2-r0 libexpat: libexpat: Arbitrary code execution via integer overflow in XML_ParseBuffer

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56406

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:29

libexpat CVE-2026-56409 中危 2.8.1-r0 2.8.2-r0 xmlwf in libexpat before 2.8.2 has an integer overflow for the output ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56409

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:21

libexpat CVE-2026-56410 中危 2.8.1-r0 2.8.2-r0 libexpat: libexpat: Integer overflow in xmlwf can lead to information disclosure and arbitrary code execution.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56410

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:18

libexpat CVE-2026-56411 中危 2.8.1-r0 2.8.2-r0 expat: libexpat: Integer Overflow Vulnerability Leading to Information Disclosure or Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56411

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-06-21 17:16 修改: 2026-06-23 16:16

libexpat CVE-2026-56412 中危 2.8.1-r0 2.8.2-r0 libexpat: libexpat: Use-after-free vulnerability due to improper handling of XML CDATA sections

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56412

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-06-21 17:16 修改: 2026-06-23 15:31

libcurl CVE-2026-8458 低危 8.20.0-r1 8.21.0-r0 libcurl might in some circumstances reuse the wrong connection when as ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8458

镜像层: sha256:8619cb052f1fe5e5a0b708668dd19212c7622684313bd27419750d8ab99b51cb

发布日期: 2026-07-03 07:16 修改: 2026-07-07 23:12

Node.js (node-pkg)
低危漏洞:2 中危漏洞:2 高危漏洞:3 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
linkify-it CVE-2026-48801 高危 5.0.0 5.0.1 LinkifyIt#match scan loop has quadratic algorithmic complexity

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48801

镜像层: sha256:baeaefff5aba6ee1dd76f60d3432d1ee11d3f732417d79e06e62fbf0d1dc9c4a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

nodemailer GHSA-p6gq-j5cr-w38f 高危 8.0.10 9.0.1 Nodemailer: Message-level raw option bypasses disableFileAccess/disableUrlAccess, enabling arbitrary file read and full-response SSRF in the delivered message

漏洞详情: https://github.com/advisories/GHSA-p6gq-j5cr-w38f

镜像层: sha256:baeaefff5aba6ee1dd76f60d3432d1ee11d3f732417d79e06e62fbf0d1dc9c4a

发布日期: 2026-06-18 14:28 修改: 2026-06-18 14:28

undici CVE-2026-12151 高危 6.24.1 6.27.0, 7.28.0, 8.5.0 undici: undici: Denial of Service due to unbounded memory growth via WebSocket frames

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12151

镜像层: sha256:baeaefff5aba6ee1dd76f60d3432d1ee11d3f732417d79e06e62fbf0d1dc9c4a

发布日期: 2026-06-17 17:16 修改: 2026-07-09 13:16

showdown CVE-2024-1899 中危 2.1.0 Showdown vulnerable to Regular Expression Denial of Service (ReDoS) in link/anchor parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1899

镜像层: sha256:baeaefff5aba6ee1dd76f60d3432d1ee11d3f732417d79e06e62fbf0d1dc9c4a

发布日期: 2024-02-26 19:15 修改: 2026-06-17 07:05

undici CVE-2026-9679 中危 6.24.1 6.27.0, 7.28.0, 8.5.0 undici: undici vulnerable to HTTP header injection via Set-Cookie percent-decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9679

镜像层: sha256:baeaefff5aba6ee1dd76f60d3432d1ee11d3f732417d79e06e62fbf0d1dc9c4a

发布日期: 2026-06-17 18:18 修改: 2026-06-25 17:43

undici CVE-2026-11525 低危 6.24.1 6.27.0, 7.28.0, 8.5.0 undici: undici: Weakening of cookie SameSite policy due to incorrect parsing of Set-Cookie header

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11525

镜像层: sha256:baeaefff5aba6ee1dd76f60d3432d1ee11d3f732417d79e06e62fbf0d1dc9c4a

发布日期: 2026-06-17 18:17 修改: 2026-06-25 17:46

undici CVE-2026-6733 低危 6.24.1 6.27.0, 7.28.0, 8.5.0 undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6733

镜像层: sha256:baeaefff5aba6ee1dd76f60d3432d1ee11d3f732417d79e06e62fbf0d1dc9c4a

发布日期: 2026-06-17 18:18 修改: 2026-06-27 23:46

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×