node:lts-alpine (alpine 3.20.3)¶

Trivy Image Scan

Image: registry.hub.docker.com/library/node:lts-alpine (alpine 3.20.3)
Scan date: 2024-12-04

registry.hub.docker.com/library/node:lts-alpine (alpine 3.20.3) (alpine)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2024-9143	LOW	3.3.2-r0	3.3.2-r1	https://access.redhat.com/security/cve/CVE-2024-9143 https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712 https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700 https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4 https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154 https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41 https://nvd.nist.gov/vuln/detail/CVE-2024-9143 https://openssl-library.org/news/secadv/20241016.txt https://www.cve.org/CVERecord?id=CVE-2024-9143
libssl3	CVE-2024-9143	LOW	3.3.2-r0	3.3.2-r1	https://access.redhat.com/security/cve/CVE-2024-9143 https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712 https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700 https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4 https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154 https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41 https://nvd.nist.gov/vuln/detail/CVE-2024-9143 https://openssl-library.org/news/secadv/20241016.txt https://www.cve.org/CVERecord?id=CVE-2024-9143
No Misconfigurations found

Node.js (node-pkg)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
cross-spawn	CVE-2024-21538	HIGH	7.0.3	7.0.5, 6.0.6	https://access.redhat.com/security/cve/CVE-2024-21538 https://github.com/moxystudio/node-cross-spawn https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f https://github.com/moxystudio/node-cross-spawn/commit/d35c865b877d2f9ded7c1ed87521c2fdb689c8dd https://github.com/moxystudio/node-cross-spawn/issues/165 https://github.com/moxystudio/node-cross-spawn/pull/160 https://nvd.nist.gov/vuln/detail/CVE-2024-21538 https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-8366349 https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 https://www.cve.org/CVERecord?id=CVE-2024-21538
No Misconfigurations found