🛡️ Security Scan Report

Trivy Vulnerability & Secret Scanner
Service: eizen-agent-ui
Branch: feature/voicefix
Build: #253
Date: 2026-06-24 12:53:11

0

Critical

9

High

3

Medium

0

Low

3

Secrets

1

Misconfig

🔴 Vulnerabilities (11)
SeverityCVE IDPackageInstalledFixed InDescription
HIGH CVE-2022-0235 node-fetch 2.1.2 3.1.1, 2.6.7 node-fetch: exposure of sensitive information to an unauthorized actor
HIGH CVE-2024-4367 pdfjs-dist 3.11.174 4.2.67 Mozilla: Arbitrary JavaScript execution in PDF.js
HIGH CVE-2026-23745 tar 6.2.1 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in
HIGH CVE-2026-23950 tar 6.2.1 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition
HIGH CVE-2026-24842 tar 6.2.1 7.5.7 node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security chec
HIGH CVE-2026-26960 tar 6.2.1 7.5.8 node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation
HIGH CVE-2026-29786 tar 6.2.1 7.5.10 node-tar: hardlink path traversal via drive-relative linkpath
HIGH CVE-2026-31802 tar 6.2.1 7.5.11 tar: tar: File overwrite via drive-relative symlink traversal
MEDIUM CVE-2026-53655 tar 6.2.1 7.5.16 node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (nod ...
MEDIUM CVE-2026-41907 uuid 10.0.0 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality
MEDIUM CVE-2026-41907 uuid 8.0.0 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality
🔑 Secrets (3)
TypeFileLineMatch
AWS security-reports/gitleaks-report.json 49 "Match": "********************",...
AWS security-reports/gitleaks-report.json 50 "Secret": "********************",...
AWS src/services/AwsService.ts 6 accessKeyId: "********************",...
⚙️ Misconfigurations (1)
SeverityIDCheckFileMessage
HIGH DS002 Image user should not be 'root' Dockerfile Specify at least 1 USER command in Dockerfile with non-root user as argument
📄 Raw JSON Report (click to expand)