docker.io/weishaw/sub2api:0.1.126 - Trivy镜像安全扫描结果

低危漏洞:0

中危漏洞:2

高危漏洞:1

严重漏洞:0

系统OS: alpine 3.21.7 扫描引擎: Trivy 扫描时间: 2026-05-16 17:35

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

低危漏洞:0

中危漏洞:2

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
go.opentelemetry.io/otel	CVE-2026-29181	高危	v1.37.0	1.41.0	OpenTelemetry-Go: multi-value `baggage` header extraction causes excessive allocations (remote dos amplification) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181 镜像层: sha256:5b68cebfdf4f8701be1dd77cfb8efe4493d66fe477ff6ed3494500689d78cd08 发布日期: 2026-04-07 21:17 修改: 2026-04-14 18:45
github.com/aws/aws-sdk-go-v2/service/s3	GHSA-xmrv-pmrh-hhx2	中危	v1.96.2	1.97.3	Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder 漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2 镜像层: sha256:5b68cebfdf4f8701be1dd77cfb8efe4493d66fe477ff6ed3494500689d78cd08 发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream	GHSA-xmrv-pmrh-hhx2	中危	v1.7.5	1.7.8	Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder 漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2 镜像层: sha256:5b68cebfdf4f8701be1dd77cfb8efe4493d66fe477ff6ed3494500689d78cd08 发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

go.opentelemetry.io/otel

高危

v1.37.0

1.41.0

OpenTelemetry-Go: multi-value `baggage` header extraction causes excessive allocations (remote dos amplification)