docker.io/gangz1o/glash:2.1.6 linux/amd64

docker.io/gangz1o/glash:2.1.6 - Trivy安全扫描结果扫描时间: 2026-05-15 21:06

全部漏洞信息

低危漏洞:3

中危漏洞:12

高危漏洞:8

严重漏洞:0

系统OS: alpine 3.19.9 扫描引擎: Trivy 扫描时间: 2026-05-15 21:06

docker.io/gangz1o/glash:2.1.6 (alpine 3.19.9) (alpine)

低危漏洞:3

中危漏洞:5

高危漏洞:2

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
musl	CVE-2026-40200	高危	1.2.4_git20230717-r5	1.2.4_git20230717-r6	musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200 镜像层: sha256:0b44b2151d78267ab6f2c76208c3be18688f49b2b0afd6852a9533f2cce121c5 发布日期: 2026-04-10 17:17 修改: 2026-04-27 19:18
musl-utils	CVE-2026-40200	高危	1.2.4_git20230717-r5	1.2.4_git20230717-r6	musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200 镜像层: sha256:0b44b2151d78267ab6f2c76208c3be18688f49b2b0afd6852a9533f2cce121c5 发布日期: 2026-04-10 17:17 修改: 2026-04-27 19:18
busybox	CVE-2024-58251	中危	1.36.1-r20	1.36.1-r21	In netstat in BusyBox through 1.37.0, local users can launch of networ ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251 镜像层: sha256:0b44b2151d78267ab6f2c76208c3be18688f49b2b0afd6852a9533f2cce121c5 发布日期: 2025-04-23 18:16 修改: 2026-04-15 00:35
musl	CVE-2026-6042	中危	1.2.4_git20230717-r5	1.2.4_git20230717-r6	musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042 镜像层: sha256:0b44b2151d78267ab6f2c76208c3be18688f49b2b0afd6852a9533f2cce121c5 发布日期: 2026-04-10 09:16 修改: 2026-04-24 18:01
busybox-binsh	CVE-2024-58251	中危	1.36.1-r20	1.36.1-r21	In netstat in BusyBox through 1.37.0, local users can launch of networ ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251 镜像层: sha256:0b44b2151d78267ab6f2c76208c3be18688f49b2b0afd6852a9533f2cce121c5 发布日期: 2025-04-23 18:16 修改: 2026-04-15 00:35
musl-utils	CVE-2026-6042	中危	1.2.4_git20230717-r5	1.2.4_git20230717-r6	musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042 镜像层: sha256:0b44b2151d78267ab6f2c76208c3be18688f49b2b0afd6852a9533f2cce121c5 发布日期: 2026-04-10 09:16 修改: 2026-04-24 18:01
ssl_client	CVE-2024-58251	中危	1.36.1-r20	1.36.1-r21	In netstat in BusyBox through 1.37.0, local users can launch of networ ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251 镜像层: sha256:0b44b2151d78267ab6f2c76208c3be18688f49b2b0afd6852a9533f2cce121c5 发布日期: 2025-04-23 18:16 修改: 2026-04-15 00:35
busybox-binsh	CVE-2025-46394	低危	1.36.1-r20	1.36.1-r21	In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394 镜像层: sha256:0b44b2151d78267ab6f2c76208c3be18688f49b2b0afd6852a9533f2cce121c5 发布日期: 2025-04-23 16:15 修改: 2025-09-24 14:38
busybox	CVE-2025-46394	低危	1.36.1-r20	1.36.1-r21	In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394 镜像层: sha256:0b44b2151d78267ab6f2c76208c3be18688f49b2b0afd6852a9533f2cce121c5 发布日期: 2025-04-23 16:15 修改: 2025-09-24 14:38
ssl_client	CVE-2025-46394	低危	1.36.1-r20	1.36.1-r21	In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394 镜像层: sha256:0b44b2151d78267ab6f2c76208c3be18688f49b2b0afd6852a9533f2cce121c5 发布日期: 2025-04-23 16:15 修改: 2025-09-24 14:38

app/mihomo (gobinary)

低危漏洞:0

中危漏洞:7

高危漏洞:6

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/crypto	CVE-2025-22869	高危	v0.33.0	0.35.0	golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22869 镜像层: sha256:20cc71a117f25dbc6dd8011dce6d71b113bc6160d888005c5bf2bc54c0ba0000 发布日期: 2025-02-26 08:14 修改: 2025-05-01 19:28
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	When using LookupCNAME with the cgo DNS resolver, a very long CNAME re ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:20cc71a117f25dbc6dd8011dce6d71b113bc6160d888005c5bf2bc54c0ba0000 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:20cc71a117f25dbc6dd8011dce6d71b113bc6160d888005c5bf2bc54c0ba0000 发布日期: 2026-05-07 20:16 修改: 2026-05-08 19:16
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:20cc71a117f25dbc6dd8011dce6d71b113bc6160d888005c5bf2bc54c0ba0000 发布日期: 2026-05-07 20:16 修改: 2026-05-08 15:16
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	Panic in Dial and LookupPort when handling NUL byte on Windows in net 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:20cc71a117f25dbc6dd8011dce6d71b113bc6160d888005c5bf2bc54c0ba0000 发布日期: 2026-05-07 20:16 修改: 2026-05-08 22:16
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:20cc71a117f25dbc6dd8011dce6d71b113bc6160d888005c5bf2bc54c0ba0000 发布日期: 2026-05-07 20:16 修改: 2026-05-08 22:16
golang.org/x/crypto	CVE-2025-58181	中危	v0.33.0	0.45.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via unbounded memory consumption in GSSAPI authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58181 镜像层: sha256:20cc71a117f25dbc6dd8011dce6d71b113bc6160d888005c5bf2bc54c0ba0000 发布日期: 2025-11-19 21:15 修改: 2025-12-11 19:29
golang.org/x/net	CVE-2025-22870	中危	v0.35.0	0.36.0	golang.org/x/net/proxy: golang.org/x/net/http/httpproxy: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22870 镜像层: sha256:20cc71a117f25dbc6dd8011dce6d71b113bc6160d888005c5bf2bc54c0ba0000 发布日期: 2025-03-12 19:15 修改: 2026-04-16 23:16
golang.org/x/net	CVE-2025-22872	中危	v0.35.0	0.38.0	golang.org/x/net/html: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22872 镜像层: sha256:20cc71a117f25dbc6dd8011dce6d71b113bc6160d888005c5bf2bc54c0ba0000 发布日期: 2025-04-16 18:16 修改: 2026-04-15 00:35
golang.org/x/crypto	CVE-2025-47914	中危	v0.33.0	0.45.0	golang.org/x/crypto/ssh/agent: SSH Agent servers: Denial of Service due to malformed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47914 镜像层: sha256:20cc71a117f25dbc6dd8011dce6d71b113bc6160d888005c5bf2bc54c0ba0000 发布日期: 2025-11-19 21:15 修改: 2025-12-11 19:36
stdlib	CVE-2026-39823	中危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:20cc71a117f25dbc6dd8011dce6d71b113bc6160d888005c5bf2bc54c0ba0000 发布日期: 2026-05-07 20:16 修改: 2026-05-08 15:16
stdlib	CVE-2026-39825	中危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:20cc71a117f25dbc6dd8011dce6d71b113bc6160d888005c5bf2bc54c0ba0000 发布日期: 2026-05-07 20:16 修改: 2026-05-08 22:16
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	If a trusted template author were to write a <script> tag containing a ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:20cc71a117f25dbc6dd8011dce6d71b113bc6160d888005c5bf2bc54c0ba0000 发布日期: 2026-05-07 20:16 修改: 2026-05-08 15:16