High/Critical Vulnerabilities Found on latest build

<!DOCTYPE html>
<html>
  <body>
    <h1>backend-node-service:latest (alpine 3.20.0) - Trivy Report - 2025-01-20 08:14:15.405799642 +0000 UTC m=+7.499554989</h1>
    <table>
      <tr class="group-header"><th colspan="6">alpine</th></tr>
      <tr><th colspan="6">No Vulnerabilities found</th></tr>
      <tr><th colspan="6">No Misconfigurations found</th></tr>
      <tr class="group-header"><th colspan="6">node-pkg</th></tr>
      <tr class="sub-header">
        <th>Package</th>
        <th>Vulnerability ID</th>
        <th>Severity</th>
        <th>Installed Version</th>
        <th>Fixed Version</th>
        <th>Links</th>
      </tr>
      <tr class="severity-HIGH">
        <td class="pkg-name">cross-spawn</td>
        <td>CVE-2024-21538</td>
        <td class="severity">HIGH</td>
        <td class="pkg-version">7.0.3</td>
        <td>7.0.5, 6.0.6</td>
        <td class="links" data-more-links="off">
          <a href="https://access.redhat.com/security/cve/CVE-2024-21538">https://access.redhat.com/security/cve/CVE-2024-21538</a>
          <a href="https://github.com/moxystudio/node-cross-spawn">https://github.com/moxystudio/node-cross-spawn</a>
          <a href="https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff">https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff</a>
          <a href="https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f">https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f</a>
          <a href="https://github.com/moxystudio/node-cross-spawn/commit/d35c865b877d2f9ded7c1ed87521c2fdb689c8dd">https://github.com/moxystudio/node-cross-spawn/commit/d35c865b877d2f9ded7c1ed87521c2fdb689c8dd</a>
          <a href="https://github.com/moxystudio/node-cross-spawn/issues/165">https://github.com/moxystudio/node-cross-spawn/issues/165</a>
          <a href="https://github.com/moxystudio/node-cross-spawn/pull/160">https://github.com/moxystudio/node-cross-spawn/pull/160</a>
          <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-21538">https://nvd.nist.gov/vuln/detail/CVE-2024-21538</a>
          <a href="https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-8366349">https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-8366349</a>
          <a href="https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230">https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230</a>
          <a href="https://www.cve.org/CVERecord?id=CVE-2024-21538">https://www.cve.org/CVERecord?id=CVE-2024-21538</a>
        </td>
      </tr>
      <tr><th colspan="6">No Misconfigurations found</th></tr>
    </table>
  </body>
</html>


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

High/Critical Vulnerabilities Found on latest build #9

backend-node-service:latest (alpine 3.20.0) - Trivy Report - 2025-01-20 08:14:15.405799642 +0000 UTC m=+7.499554989

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

alpine
No Vulnerabilities found
No Misconfigurations found
node-pkg
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
cross-spawn	CVE-2024-21538	HIGH	7.0.3	7.0.5, 6.0.6	https://access.redhat.com/security/cve/CVE-2024-21538 https://github.com/moxystudio/node-cross-spawn moxystudio/node-cross-spawn@`5ff3a07` moxystudio/node-cross-spawn@`640d391` moxystudio/node-cross-spawn@`d35c865` moxystudio/node-cross-spawn#165 moxystudio/node-cross-spawn#160 https://nvd.nist.gov/vuln/detail/CVE-2024-21538 https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-8366349 https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 https://www.cve.org/CVERecord?id=CVE-2024-21538
No Misconfigurations found

High/Critical Vulnerabilities Found on latest build #9

Description

backend-node-service:latest (alpine 3.20.0) - Trivy Report - 2025-01-20 08:14:15.405799642 +0000 UTC m=+7.499554989

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions