docker.io/weishaw/sub2api:0.1.128 - Trivy镜像安全扫描结果

低危漏洞:0

中危漏洞:2

高危漏洞:1

严重漏洞:0

系统OS: alpine 3.21.7 扫描引擎: Trivy 扫描时间: 2026-05-20 16:48

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

低危漏洞:0

中危漏洞:2

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
go.opentelemetry.io/otel	CVE-2026-29181	高危	v1.37.0	1.41.0	OpenTelemetry-Go: multi-value `baggage` header extraction causes excessive allocations (remote dos amplification) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181 镜像层: sha256:cbdffba4370353fa5ab2e542c28ed4486768f17d60e295fb721142711df1a6bb 发布日期: 2026-04-07 21:17 修改: 2026-04-14 18:45
github.com/aws/aws-sdk-go-v2/service/s3	GHSA-xmrv-pmrh-hhx2	中危	v1.96.2	1.97.3	Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder 漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2 镜像层: sha256:cbdffba4370353fa5ab2e542c28ed4486768f17d60e295fb721142711df1a6bb 发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream	GHSA-xmrv-pmrh-hhx2	中危	v1.7.5	1.7.8	Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder 漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2 镜像层: sha256:cbdffba4370353fa5ab2e542c28ed4486768f17d60e295fb721142711df1a6bb 发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

go.opentelemetry.io/otel

高危

v1.37.0

1.41.0

OpenTelemetry-Go: multi-value `baggage` header extraction causes excessive allocations (remote dos amplification)