/

actions-runner
packaged by Chainguard

Last changed

Request a free trial

Contact our team to test out this image for free. Please also indicate any other images you would like to evaluate.

CVE ID	Severity	Package	Version
CVE-2026-34040	High	github.com/docker/docker	v28.5.2+incompatible.dirty
CVE-2026-41673	High	@xmldom/xmldom	0.8.12
CVE-2026-33747	High	github.com/moby/buildkit	v0.25.2
CVE-2026-5928	High	glibc	2.43-r6
CVE-2026-33748	High	github.com/moby/buildkit	v0.25.2
CVE-2026-34040	High	github.com/docker/docker	v28.5.2+incompatible
CVE-2026-41674	High	@xmldom/xmldom	0.8.12
CVE-2026-41672	High	@xmldom/xmldom	0.8.12
CVE-2026-41675	High	@xmldom/xmldom	0.8.12
CVE-2026-34040	High	github.com/docker/docker	v28.5.2+incompatible
CVE-2026-34040	High	github.com/docker/docker	v28.5.2+incompatible.dirty
CVE-2026-41673	High	@xmldom/xmldom	0.8.12
CVE-2026-41674	High	@xmldom/xmldom	0.8.12
CVE-2026-41672	High	@xmldom/xmldom	0.8.12
CVE-2026-41675	High	@xmldom/xmldom	0.8.12
GHSA-w5hq-g745-h8pq	Medium	uuid	8.3.2
CVE-2026-39984	Medium	github.com/sigstore/timestamp-authority/v2	v2.0.3
CVE-2026-33997	Medium	github.com/docker/docker	v28.5.2+incompatible.dirty
GHSA-w5hq-g745-h8pq	Medium	uuid	8.3.2
CVE-2026-33997	Medium	github.com/docker/docker	v28.5.2+incompatible
CVE-2026-33997	Medium	github.com/docker/docker	v28.5.2+incompatible
CVE-2026-33997	Medium	github.com/docker/docker	v28.5.2+incompatible.dirty

Last updated:

The trusted source for open source

Talk to an expert

Privacy

Terms

© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.

actions-runner
packaged by Chainguard

The trusted source for open source

Product

Solutions

Customers

Resources

Company