Skip to content

to be continuous

BRU_IMAGE

to-be-continuous/doc

docker.io/library/node:lts-alpine (alpine 3.23.3)¶

Trivy Image Scan

Image: docker.io/library/node:lts-alpine (alpine 3.23.3)
Scan date: 2026-04-01

docker.io/library/node:lts-alpine (alpine 3.23.3) (alpine)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
zlib	CVE-2026-22184	HIGH	1.3.1-r2	1.3.2-r0	https://access.redhat.com/security/cve/CVE-2026-22184 https://github.com/madler/zlib https://github.com/madler/zlib/issues/1142 https://nvd.nist.gov/vuln/detail/CVE-2026-22184 https://seclists.org/fulldisclosure/2026/Jan/3 https://www.cve.org/CVERecord?id=CVE-2026-22184 https://www.vulncheck.com/advisories/zlib-untgz-global-buffer-overflow-in-tgzfname https://zlib.net/
zlib	CVE-2026-27171	MEDIUM	1.3.1-r2	1.3.2-r0	https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://access.redhat.com/security/cve/CVE-2026-27171 https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://ostif.org/zlib-audit-complete/ https://www.cve.org/CVERecord?id=CVE-2026-27171
No Misconfigurations found

Node.js (node-pkg)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
brace-expansion	CVE-2026-33750	MEDIUM	5.0.3	5.0.5, 3.0.2, 2.0.3, 1.1.13	https://access.redhat.com/security/cve/CVE-2026-33750 https://github.com/juliangruber/brace-expansion https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113 https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184 https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5 https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2 https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a https://github.com/juliangruber/brace-expansion/issues/98 https://github.com/juliangruber/brace-expansion/pull/95 https://github.com/juliangruber/brace-expansion/pull/96 https://github.com/juliangruber/brace-expansion/pull/97 https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v https://nvd.nist.gov/vuln/detail/CVE-2026-33750 https://www.cve.org/CVERecord?id=CVE-2026-33750
minimatch	CVE-2026-27903	HIGH	10.2.2	10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3	https://access.redhat.com/security/cve/CVE-2026-27903 https://github.com/isaacs/minimatch https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748 https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj https://nvd.nist.gov/vuln/detail/CVE-2026-27903 https://www.cve.org/CVERecord?id=CVE-2026-27903
minimatch	CVE-2026-27904	HIGH	10.2.2	10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4	https://access.redhat.com/security/cve/CVE-2026-27904 https://github.com/isaacs/minimatch https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74 https://nvd.nist.gov/vuln/detail/CVE-2026-27904 https://www.cve.org/CVERecord?id=CVE-2026-27904
picomatch	CVE-2026-33671	HIGH	4.0.3	4.0.4, 3.0.2, 2.3.2	https://access.redhat.com/security/cve/CVE-2026-33671 https://github.com/micromatch/picomatch https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj https://nvd.nist.gov/vuln/detail/CVE-2026-33671 https://www.cve.org/CVERecord?id=CVE-2026-33671
picomatch	CVE-2026-33672	MEDIUM	4.0.3	4.0.4, 3.0.2, 2.3.2	https://access.redhat.com/security/cve/CVE-2026-33672 https://github.com/micromatch/picomatch https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903 https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p https://nvd.nist.gov/vuln/detail/CVE-2026-33672 https://www.cve.org/CVERecord?id=CVE-2026-33672
tar	CVE-2026-29786	HIGH	7.5.9	7.5.10	https://access.redhat.com/security/cve/CVE-2026-29786 https://github.com/isaacs/node-tar https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96 https://nvd.nist.gov/vuln/detail/CVE-2026-29786 https://www.cve.org/CVERecord?id=CVE-2026-29786
tar	CVE-2026-31802	HIGH	7.5.9	7.5.11	https://access.redhat.com/security/cve/CVE-2026-31802 https://github.com/isaacs/node-tar https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256 https://nvd.nist.gov/vuln/detail/CVE-2026-31802 https://www.cve.org/CVERecord?id=CVE-2026-31802
No Misconfigurations found