Node.js¶ Trivy Image Scan Image: Node.js Scan date: 2026-02-04 Node.js (node-pkg)¶ Package Vulnerability ID Severity Installed Version Fixed Version Links playwright CVE-2025-59288 HIGH 1.54.1 1.55.1 https://access.redhat.com/security/cve/CVE-2025-59288 https://github.com/SocketDev/security-research/security/advisories/GHSA-qxm8-4v54-964r https://github.com/microsoft/playwright https://github.com/microsoft/playwright/commit/72c62d840247d9defd87c6beb0344d456794b570 https://github.com/microsoft/playwright/pull/37532 https://github.com/microsoft/playwright/releases/tag/v1.55.1 https://github.com/microsoft/playwright/releases/tag/v1.56.0 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59288 https://nvd.nist.gov/vuln/detail/CVE-2025-59288 https://www.cve.org/CVERecord?id=CVE-2025-59288 No Misconfigurations found Python (python-pkg)¶ Package Vulnerability ID Severity Installed Version Fixed Version Links PyNaCl CVE-2025-69277 MEDIUM 1.6.1 1.6.2 https://00f.net/2025/12/30/libsodium-vulnerability https://00f.net/2025/12/30/libsodium-vulnerability/ https://access.redhat.com/security/cve/CVE-2025-69277 https://github.com/FriendsOfPHP/security-advisories/blob/master/paragonie/sodium_compat/2025-12-30.yaml https://github.com/hdwallet-io/python-hdwallet/pull/124 https://github.com/jedisct1/libsodium/commit/ad3004ec8731730e93fcfbbc824e67eadc1c1bae https://github.com/paragonie/sodium_compat https://github.com/paragonie/sodium_compat/commit/2cb48f26130919f92f30650bdcc30e6f4ebe45ac https://github.com/paragonie/sodium_compat/commit/4714da6efdc782c06690bc72ce34fae7941c2d9f https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7 https://github.com/pyca/pynacl/commit/ecf41f55a3d8f1e10ce89c61c4b4d67f3f4467cf https://github.com/pyca/pynacl/issues/920 https://ianix.com/pub/ed25519-deployment.html https://lists.debian.org/debian-lts-announce/2026/01/msg00004.html https://news.ycombinator.com/item?id=46435614 https://nvd.nist.gov/vuln/detail/CVE-2025-69277 https://ubuntu.com/security/notices/USN-7949-1 https://www.cve.org/CVERecord?id=CVE-2025-69277 jaraco.context CVE-2026-23949 HIGH 5.3.0 6.1.0 https://access.redhat.com/security/cve/CVE-2026-23949 https://github.com/jaraco/jaraco.context https://github.com/jaraco/jaraco.context/blob/main/jaraco/context/__init__.py#L74-L91 https://github.com/jaraco/jaraco.context/commit/7b26a42b525735e4085d2e994e13802ea339d5f9 https://github.com/jaraco/jaraco.context/security/advisories/GHSA-58pv-8j8x-9vj2 https://github.com/pypa/setuptools/blob/main/setuptools/_vendor/jaraco/context.py#L55-L76 https://nvd.nist.gov/vuln/detail/CVE-2026-23949 https://www.cve.org/CVERecord?id=CVE-2026-23949 protobuf CVE-2026-0994 HIGH 6.31.1 6.33.5 https://access.redhat.com/security/cve/CVE-2026-0994 https://github.com/protocolbuffers/protobuf https://github.com/protocolbuffers/protobuf/commit/d2b001626d137c62dfee6c88c87324102531868b https://github.com/protocolbuffers/protobuf/issues/25070 https://github.com/protocolbuffers/protobuf/pull/25239 https://nvd.nist.gov/vuln/detail/CVE-2026-0994 https://www.cve.org/CVERecord?id=CVE-2026-0994 pyasn1 CVE-2026-23490 HIGH 0.6.1 0.6.2 https://access.redhat.com/security/cve/CVE-2026-23490 https://github.com/pyasn1/pyasn1 https://github.com/pyasn1/pyasn1/blob/0f07d7242a78ab4d129b26256d7474f7168cf536/pyasn1/codec/ber/decoder.py#L496 https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970 https://github.com/pyasn1/pyasn1/commit/be353d755f42ea36539b4f5053c652ddf56979a6 https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2 https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq https://lists.debian.org/debian-lts-announce/2026/02/msg00002.html https://nvd.nist.gov/vuln/detail/CVE-2026-23490 https://ubuntu.com/security/notices/USN-7975-1 https://www.cve.org/CVERecord?id=CVE-2026-23490 urllib3 CVE-2025-66418 HIGH 2.5.0 2.6.0 https://access.redhat.com/errata/RHSA-2026:1254 https://access.redhat.com/security/cve/CVE-2025-66418 https://bugzilla.redhat.com/2419455 https://bugzilla.redhat.com/2419467 https://bugzilla.redhat.com/2427726 https://errata.almalinux.org/8/ALSA-2026-1254.html https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8 https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53 https://linux.oracle.com/cve/CVE-2025-66418.html https://linux.oracle.com/errata/ELSA-2026-1254.html https://nvd.nist.gov/vuln/detail/CVE-2025-66418 https://ubuntu.com/security/notices/USN-7927-1 https://www.cve.org/CVERecord?id=CVE-2025-66418 https://www.openwall.com/lists/oss-security/2025/12/05/4 urllib3 CVE-2025-66471 HIGH 2.5.0 2.6.0 https://access.redhat.com/errata/RHSA-2026:1254 https://access.redhat.com/security/cve/CVE-2025-66471 https://bugzilla.redhat.com/2419455 https://bugzilla.redhat.com/2419467 https://bugzilla.redhat.com/2427726 https://errata.almalinux.org/8/ALSA-2026-1254.html https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7 https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37 https://linux.oracle.com/cve/CVE-2025-66471.html https://linux.oracle.com/errata/ELSA-2026-1254.html https://nvd.nist.gov/vuln/detail/CVE-2025-66471 https://ubuntu.com/security/notices/USN-7927-1 https://ubuntu.com/security/notices/USN-7927-2 https://ubuntu.com/security/notices/USN-7927-3 https://www.cve.org/CVERecord?id=CVE-2025-66471 https://www.openwall.com/lists/oss-security/2025/12/05/4 urllib3 CVE-2026-21441 HIGH 2.5.0 2.6.3 https://access.redhat.com/errata/RHSA-2026:1254 https://access.redhat.com/security/cve/CVE-2026-21441 https://bugzilla.redhat.com/2419455 https://bugzilla.redhat.com/2419467 https://bugzilla.redhat.com/2427726 https://errata.almalinux.org/8/ALSA-2026-1254.html https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99 https://linux.oracle.com/cve/CVE-2026-21441.html https://linux.oracle.com/errata/ELSA-2026-1254.html https://lists.debian.org/debian-lts-announce/2026/01/msg00017.html https://nvd.nist.gov/vuln/detail/CVE-2026-21441 https://ubuntu.com/security/notices/USN-7955-1 https://ubuntu.com/security/notices/USN-7955-2 https://www.cve.org/CVERecord?id=CVE-2026-21441 wheel CVE-2026-24049 HIGH 0.45.1 0.46.2 https://access.redhat.com/security/cve/CVE-2026-24049 https://github.com/pypa/wheel https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef https://github.com/pypa/wheel/commit/934fe177ff912c8e03d5ae951d3805e1fd90ba5e https://github.com/pypa/wheel/releases/tag/0.46.2 https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx https://nvd.nist.gov/vuln/detail/CVE-2026-24049 https://www.cve.org/CVERecord?id=CVE-2026-24049 No Misconfigurations found