Skip to content

docker.io/library/node:alpine3.11 (alpine 3.11.12)

Trivy Image Scan

  • Image: docker.io/library/node:alpine3.11 (alpine 3.11.12)
  • Scan date: 2025-06-30

docker.io/library/node:alpine3.11 (alpine 3.11.12) (alpine)

Package Vulnerability ID Severity Installed Version Fixed Version Links
busybox CVE-2021-42378 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42378 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42378 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42378
busybox CVE-2021-42379 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42379 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42379 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42379
busybox CVE-2021-42380 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42380 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42380 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42380
busybox CVE-2021-42381 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42381 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42381 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42381
busybox CVE-2021-42382 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42382 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42382 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42382
busybox CVE-2021-42383 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42383 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42383 https://security.netapp.com/advisory/ntap-20211223-0002/ https://www.cve.org/CVERecord?id=CVE-2021-42383
busybox CVE-2021-42384 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42384 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42384 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42384
busybox CVE-2021-42385 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42385 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42385 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42385
busybox CVE-2021-42386 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42386 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42386 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42386
busybox CVE-2021-42374 MEDIUM 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42374 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42374 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42374
ssl_client CVE-2021-42378 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42378 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42378 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42378
ssl_client CVE-2021-42379 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42379 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42379 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42379
ssl_client CVE-2021-42380 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42380 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42380 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42380
ssl_client CVE-2021-42381 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42381 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42381 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42381
ssl_client CVE-2021-42382 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42382 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42382 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42382
ssl_client CVE-2021-42383 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42383 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42383 https://security.netapp.com/advisory/ntap-20211223-0002/ https://www.cve.org/CVERecord?id=CVE-2021-42383
ssl_client CVE-2021-42384 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42384 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42384 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42384
ssl_client CVE-2021-42385 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42385 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42385 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42385
ssl_client CVE-2021-42386 HIGH 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42386 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42386 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42386
ssl_client CVE-2021-42374 MEDIUM 1.31.1-r10 1.31.1-r11 https://access.redhat.com/security/cve/CVE-2021-42374 https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/ https://nvd.nist.gov/vuln/detail/CVE-2021-42374 https://security.netapp.com/advisory/ntap-20211223-0002/ https://ubuntu.com/security/notices/USN-5179-1 https://www.cve.org/CVERecord?id=CVE-2021-42374
zlib CVE-2022-37434 CRITICAL 1.2.11-r3 1.2.11-r4 http://seclists.org/fulldisclosure/2022/Oct/37 http://seclists.org/fulldisclosure/2022/Oct/38 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/42 http://www.openwall.com/lists/oss-security/2022/08/05/2 http://www.openwall.com/lists/oss-security/2022/08/09/1 https://access.redhat.com/errata/RHSA-2022:8291 https://access.redhat.com/security/cve/CVE-2022-37434 https://bugzilla.redhat.com/2116639 https://bugzilla.redhat.com/show_bug.cgi?id=2043753 https://bugzilla.redhat.com/show_bug.cgi?id=2116639 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434 https://errata.almalinux.org/9/ALSA-2022-8291.html https://errata.rockylinux.org/RLSA-2022:7793 https://github.com/curl/curl/issues/9271 https://github.com/ivd38/zlib_overflow https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063 https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1 https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764 https://linux.oracle.com/cve/CVE-2022-37434.html https://linux.oracle.com/errata/ELSA-2023-1095.html https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/ https://nvd.nist.gov/vuln/detail/CVE-2022-37434 https://security.netapp.com/advisory/ntap-20220901-0005/ https://security.netapp.com/advisory/ntap-20230427-0007/ https://support.apple.com/kb/HT213488 https://support.apple.com/kb/HT213489 https://support.apple.com/kb/HT213490 https://support.apple.com/kb/HT213491 https://support.apple.com/kb/HT213493 https://support.apple.com/kb/HT213494 https://ubuntu.com/security/notices/USN-5570-1 https://ubuntu.com/security/notices/USN-5570-2 https://ubuntu.com/security/notices/USN-5573-1 https://ubuntu.com/security/notices/USN-6736-1 https://ubuntu.com/security/notices/USN-6736-2 https://www.cve.org/CVERecord?id=CVE-2022-37434 https://www.debian.org/security/2022/dsa-5218
No Misconfigurations found

Node.js (node-pkg)

Package Vulnerability ID Severity Installed Version Fixed Version Links
ansi-regex CVE-2021-3807 HIGH 3.0.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 https://access.redhat.com/errata/RHSA-2022:6595 https://access.redhat.com/security/cve/CVE-2021-3807 https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908 https://bugzilla.redhat.com/1907444 https://bugzilla.redhat.com/1945459 https://bugzilla.redhat.com/1964461 https://bugzilla.redhat.com/2007557 https://bugzilla.redhat.com/2098556 https://bugzilla.redhat.com/2102001 https://bugzilla.redhat.com/2105422 https://bugzilla.redhat.com/2105426 https://bugzilla.redhat.com/2105428 https://bugzilla.redhat.com/2105430 https://errata.almalinux.org/9/ALSA-2022-6595.html https://github.com/chalk/ansi-regex https://github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1 https://github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9a https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9 https://github.com/chalk/ansi-regex/commit/c3c0b3f2736b9c01feec0fef33980c43720dcde8 https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311 https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774 https://github.com/chalk/ansi-regex/releases/tag/v6.0.1 https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994 https://linux.oracle.com/cve/CVE-2021-3807.html https://linux.oracle.com/errata/ELSA-2022-6595.html https://nvd.nist.gov/vuln/detail/CVE-2021-3807 https://security.netapp.com/advisory/ntap-20221014-0002 https://security.netapp.com/advisory/ntap-20221014-0002/ https://www.cve.org/CVERecord?id=CVE-2021-3807 https://www.oracle.com/security-alerts/cpuapr2022.html
ansi-regex CVE-2021-3807 HIGH 5.0.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 https://access.redhat.com/errata/RHSA-2022:6595 https://access.redhat.com/security/cve/CVE-2021-3807 https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908 https://bugzilla.redhat.com/1907444 https://bugzilla.redhat.com/1945459 https://bugzilla.redhat.com/1964461 https://bugzilla.redhat.com/2007557 https://bugzilla.redhat.com/2098556 https://bugzilla.redhat.com/2102001 https://bugzilla.redhat.com/2105422 https://bugzilla.redhat.com/2105426 https://bugzilla.redhat.com/2105428 https://bugzilla.redhat.com/2105430 https://errata.almalinux.org/9/ALSA-2022-6595.html https://github.com/chalk/ansi-regex https://github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1 https://github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9a https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9 https://github.com/chalk/ansi-regex/commit/c3c0b3f2736b9c01feec0fef33980c43720dcde8 https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311 https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774 https://github.com/chalk/ansi-regex/releases/tag/v6.0.1 https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994 https://linux.oracle.com/cve/CVE-2021-3807.html https://linux.oracle.com/errata/ELSA-2022-6595.html https://nvd.nist.gov/vuln/detail/CVE-2021-3807 https://security.netapp.com/advisory/ntap-20221014-0002 https://security.netapp.com/advisory/ntap-20221014-0002/ https://www.cve.org/CVERecord?id=CVE-2021-3807 https://www.oracle.com/security-alerts/cpuapr2022.html
brace-expansion CVE-2025-5889 LOW 1.1.11 2.0.2, 1.1.12, 3.0.1, 4.0.1 https://access.redhat.com/security/cve/CVE-2025-5889 https://gist.github.com/mmmsssttt404/37a40ce7d6e5ca604858fe30814d9466 https://github.com/juliangruber/brace-expansion https://github.com/juliangruber/brace-expansion/commit/0b6a9781e18e9d2769bb2931f4856d1360243ed2 https://github.com/juliangruber/brace-expansion/commit/15f9b3c75ebf5988198241fecaebdc45eff28a9f https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217 https://github.com/juliangruber/brace-expansion/pull/65/commits/a5b98a4f30d7813266b221435e1eaaf25a1b0ac5 https://github.com/juliangruber/brace-expansion/releases/tag/v4.0.1 https://nvd.nist.gov/vuln/detail/CVE-2025-5889 https://vuldb.com/?ctiid.311660 https://vuldb.com/?id.311660 https://vuldb.com/?submit.585717 https://www.cve.org/CVERecord?id=CVE-2025-5889
http-cache-semantics CVE-2022-25881 HIGH 4.1.0 4.1.1 https://access.redhat.com/errata/RHSA-2023:2655 https://access.redhat.com/security/cve/CVE-2022-25881 https://bugzilla.redhat.com/2165824 https://bugzilla.redhat.com/2168631 https://bugzilla.redhat.com/2171935 https://bugzilla.redhat.com/2172190 https://bugzilla.redhat.com/2172204 https://bugzilla.redhat.com/2172217 https://bugzilla.redhat.com/show_bug.cgi?id=2165824 https://bugzilla.redhat.com/show_bug.cgi?id=2168631 https://bugzilla.redhat.com/show_bug.cgi?id=2171935 https://bugzilla.redhat.com/show_bug.cgi?id=2172190 https://bugzilla.redhat.com/show_bug.cgi?id=2172204 https://bugzilla.redhat.com/show_bug.cgi?id=2172217 https://bugzilla.redhat.com/show_bug.cgi?id=2178076 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25881 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4904 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23918 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23920 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23936 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24807 https://errata.almalinux.org/9/ALSA-2023-2655.html https://errata.rockylinux.org/RLSA-2023:2655 https://github.com/kornelski/http-cache-semantics https://github.com/kornelski/http-cache-semantics/blob/master/index.js%23L83 https://github.com/kornelski/http-cache-semantics/commit/560b2d8ef452bbba20ffed69dc155d63ac757b74 https://linux.oracle.com/cve/CVE-2022-25881.html https://linux.oracle.com/errata/ELSA-2023-2655.html https://nvd.nist.gov/vuln/detail/CVE-2022-25881 https://security.netapp.com/advisory/ntap-20230622-0008 https://security.netapp.com/advisory/ntap-20230622-0008/ https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3253332 https://security.snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783 https://www.cve.org/CVERecord?id=CVE-2022-25881
ip CVE-2024-29415 HIGH 1.1.5 no fix available https://access.redhat.com/security/cve/CVE-2024-29415 https://cosmosofcyberspace.github.io/npm_ip_cve/npm_ip_cve.html https://github.com/indutny/node-ip https://github.com/indutny/node-ip/issues/150 https://github.com/indutny/node-ip/pull/143 https://github.com/indutny/node-ip/pull/144 https://nvd.nist.gov/vuln/detail/CVE-2024-29415 https://security.netapp.com/advisory/ntap-20250117-0010 https://security.netapp.com/advisory/ntap-20250117-0010/ https://www.cve.org/CVERecord?id=CVE-2024-29415
ip CVE-2023-42282 LOW 1.1.5 2.0.1, 1.1.9 https://access.redhat.com/security/cve/CVE-2023-42282 https://cosmosofcyberspace.github.io/npm_ip_cve/npm_ip_cve.html https://github.com/JoshGlazebrook/socks/issues/93#issue-2128357447 https://github.com/github/advisory-database/pull/3504#issuecomment-1937179999 https://github.com/indutny/node-ip https://github.com/indutny/node-ip/commit/32f468f1245574785ec080705737a579be1223aa https://github.com/indutny/node-ip/commit/6a3ada9b471b09d5f0f5be264911ab564bf67894 https://github.com/indutny/node-ip/pull/138 https://huntr.com/bounties/bfc3b23f-ddc0-4ee7-afab-223b07115ed3/ https://nvd.nist.gov/vuln/detail/CVE-2023-42282 https://security.netapp.com/advisory/ntap-20240315-0008/ https://ubuntu.com/security/notices/USN-6643-1 https://www.bleepingcomputer.com/news/security/dev-rejects-cve-severity-makes-his-github-repo-read-only/ https://www.cve.org/CVERecord?id=CVE-2023-42282
minimatch CVE-2022-3517 HIGH 3.0.4 3.0.5 https://access.redhat.com/errata/RHSA-2023:0321 https://access.redhat.com/security/cve/CVE-2022-3517 https://bugzilla.redhat.com/2066009 https://bugzilla.redhat.com/2130518 https://bugzilla.redhat.com/2134609 https://bugzilla.redhat.com/2140911 https://bugzilla.redhat.com/show_bug.cgi?id=2066009 https://bugzilla.redhat.com/show_bug.cgi?id=2130518 https://bugzilla.redhat.com/show_bug.cgi?id=2134609 https://bugzilla.redhat.com/show_bug.cgi?id=2140911 https://bugzilla.redhat.com/show_bug.cgi?id=2142808 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44906 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3517 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548 https://errata.almalinux.org/9/ALSA-2023-0321.html https://errata.rockylinux.org/RLSA-2023:0321 https://github.com/grafana/grafana-image-renderer/issues/329 https://github.com/isaacs/minimatch https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6 https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6 (v3.0.5) https://github.com/nodejs/node/issues/42510 https://linux.oracle.com/cve/CVE-2022-3517.html https://linux.oracle.com/errata/ELSA-2023-1743.html https://lists.debian.org/debian-lts-announce/2023/01/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK https://nvd.nist.gov/vuln/detail/CVE-2022-3517 https://ubuntu.com/security/notices/USN-6086-1 https://www.cve.org/CVERecord?id=CVE-2022-3517
npm CVE-2022-29244 HIGH 8.1.0 8.11.0 https://access.redhat.com/errata/RHSA-2022:6595 https://access.redhat.com/security/cve/CVE-2022-29244 https://bugzilla.redhat.com/1907444 https://bugzilla.redhat.com/1945459 https://bugzilla.redhat.com/1964461 https://bugzilla.redhat.com/2007557 https://bugzilla.redhat.com/2098556 https://bugzilla.redhat.com/2102001 https://bugzilla.redhat.com/2105422 https://bugzilla.redhat.com/2105426 https://bugzilla.redhat.com/2105428 https://bugzilla.redhat.com/2105430 https://errata.almalinux.org/9/ALSA-2022-6595.html https://github.com/nodejs/node/pull/43210 https://github.com/nodejs/node/releases/tag/v16.15.1 https://github.com/nodejs/node/releases/tag/v17.9.1 https://github.com/nodejs/node/releases/tag/v18.3.0 https://github.com/npm/cli https://github.com/npm/cli/releases/tag/v8.11.0 https://github.com/npm/cli/security/advisories/GHSA-hj9c-8jmm-8c52 https://github.com/npm/cli/tree/latest/workspaces/libnpmpack https://github.com/npm/cli/tree/latest/workspaces/libnpmpublish https://github.com/npm/npm-packlist https://linux.oracle.com/cve/CVE-2022-29244.html https://linux.oracle.com/errata/ELSA-2022-6595.html https://nvd.nist.gov/vuln/detail/CVE-2022-29244 https://security.netapp.com/advisory/ntap-20220722-0007 https://security.netapp.com/advisory/ntap-20220722-0007/ https://www.cve.org/CVERecord?id=CVE-2022-29244
semver CVE-2022-25883 HIGH 7.3.5 7.5.2, 6.3.1, 5.7.2 https://access.redhat.com/errata/RHSA-2023:5363 https://access.redhat.com/security/cve/CVE-2022-25883 https://bugzilla.redhat.com/2216475 https://bugzilla.redhat.com/2230948 https://bugzilla.redhat.com/2230955 https://bugzilla.redhat.com/2230956 https://errata.almalinux.org/9/ALSA-2023-5363.html https://github.com/advisories/GHSA-c2qf-rxjj-qqgw https://github.com/npm/node-semver https://github.com/npm/node-semver/blob/main/classes/range.js#L97-L104 https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104 https://github.com/npm/node-semver/blob/main/internal/re.js#L138 https://github.com/npm/node-semver/blob/main/internal/re.js#L160 https://github.com/npm/node-semver/blob/main/internal/re.js%23L138 https://github.com/npm/node-semver/blob/main/internal/re.js%23L160 https://github.com/npm/node-semver/commit/2f8fd41487acf380194579ecb6f8b1bbfe116be0 https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441 https://github.com/npm/node-semver/commit/928e56d21150da0413a3333a3148b20e741a920c https://github.com/npm/node-semver/pull/564 https://github.com/npm/node-semver/pull/585 https://github.com/npm/node-semver/pull/593 https://linux.oracle.com/cve/CVE-2022-25883.html https://linux.oracle.com/errata/ELSA-2023-5363.html https://nvd.nist.gov/vuln/detail/CVE-2022-25883 https://security.netapp.com/advisory/ntap-20241025-0004 https://security.netapp.com/advisory/ntap-20241025-0004/ https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795 https://www.cve.org/CVERecord?id=CVE-2022-25883
tar CVE-2024-28863 MEDIUM 6.1.11 6.2.1 https://access.redhat.com/errata/RHSA-2024:6147 https://access.redhat.com/security/cve/CVE-2024-28863 https://bugzilla.redhat.com/2293200 https://bugzilla.redhat.com/2296417 https://errata.almalinux.org/9/ALSA-2024-6147.html https://github.com/isaacs/node-tar https://github.com/isaacs/node-tar/commit/fe8cd57da5686f8695415414bda49206a545f7f7 https://github.com/isaacs/node-tar/commit/fe8cd57da5686f8695415414bda49206a545f7f7 (v6.2.1) https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36 https://linux.oracle.com/cve/CVE-2024-28863.html https://linux.oracle.com/errata/ELSA-2024-6148.html https://nvd.nist.gov/vuln/detail/CVE-2024-28863 https://security.netapp.com/advisory/ntap-20240524-0005 https://security.netapp.com/advisory/ntap-20240524-0005/ https://www.cve.org/CVERecord?id=CVE-2024-28863
No Misconfigurations found