docker.io/weishaw/sub2api:0.1.141 linux/amd64

docker.io/weishaw/sub2api:0.1.141 - Trivy安全扫描结果 扫描时间: 2026-06-30 22:08
全部漏洞信息
低危漏洞:0 中危漏洞:10 高危漏洞:10 严重漏洞:0

系统OS: alpine 3.21.7 扫描引擎: Trivy 扫描时间: 2026-06-30 22:08

docker.io/weishaw/sub2api:0.1.141 (alpine 3.21.7) (alpine)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
app/sub2api (gobinary)
低危漏洞:0 中危漏洞:10 高危漏洞:10 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
go.opentelemetry.io/otel CVE-2026-29181 高危 v1.37.0 1.41.0 github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Denial of Service via crafted multi-value baggage headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-04-07 21:17 修改: 2026-06-30 03:18
golang.org/x/crypto CVE-2026-39827 高危 v0.51.0 0.52.0 An authenticated SSH client that repeatedly opened channels which were ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39827

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto CVE-2026-39828 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39828

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-22 04:16 修改: 2026-06-30 03:19
golang.org/x/crypto CVE-2026-39829 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39829

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-22 04:16 修改: 2026-06-30 03:19
golang.org/x/crypto CVE-2026-39830 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39830

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-22 04:16 修改: 2026-06-30 03:19
golang.org/x/crypto CVE-2026-39832 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39832

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-22 04:16 修改: 2026-06-30 03:19
golang.org/x/crypto CVE-2026-39835 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39835

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-22 04:16 修改: 2026-06-30 03:19
golang.org/x/crypto CVE-2026-42508 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42508

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-22 04:16 修改: 2026-06-30 03:19
golang.org/x/crypto CVE-2026-46595 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46595

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-22 04:16 修改: 2026-06-30 03:20
golang.org/x/crypto CVE-2026-46597 高危 v0.51.0 0.52.0 An incorrectly placed cast from bytes to int allowed for server-side p ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46597

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
github.com/aws/aws-sdk-go-v2/service/s3 GHSA-xmrv-pmrh-hhx2 中危 v1.96.2 1.97.3 Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder

漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
github.com/quic-go/quic-go CVE-2026-40898 中危 v0.57.1 0.59.1 quic-go is an implementation of the QUIC protocol in Go. Prior to vers ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40898

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-06-04 19:16 修改: 2026-06-17 10:45
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream GHSA-xmrv-pmrh-hhx2 中危 v1.7.5 1.7.8 Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder

漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
golang.org/x/crypto CVE-2026-39831 中危 v0.51.0 0.52.0 The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nis ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39831

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto CVE-2026-39833 中危 v0.51.0 0.52.0 golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39833

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto CVE-2026-39834 中危 v0.51.0 0.52.0 When writing data larger than 4GB in a single Write call on an SSH cha ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39834

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto CVE-2026-46598 中危 v0.51.0 0.52.0 golang.org/x/crypto/ssh/agent: golang: golang.org/x/crypto/ssh/agent: Denial of Service via malformed input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46598

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
golang.org/x/image CVE-2026-33813 中危 v0.39.0 0.42.0 golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33813

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-04-21 20:16 修改: 2026-06-25 20:17
golang.org/x/image CVE-2026-46599 中危 v0.39.0 0.41.0 golang.org/x/image/tiff: golang.org/x/image/tiff: Denial of Service via crafted PackBits-compressed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46599

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-29 20:16 修改: 2026-06-17 10:53
golang.org/x/image CVE-2026-46601 中危 v0.39.0 0.43.0 golang.org/x/image/webp: golang.org/x/image/webp: Denial of Service via malformed VP8 chunk in WebP images

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46601

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-06-25 20:17 修改: 2026-06-26 17:16
golang.org/x/image CVE-2026-42500 未知 v0.39.0 0.41.0 Decoding a paletted BMP file with an out-of-range palette index result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42500

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-05-29 20:16 修改: 2026-06-17 10:47
golang.org/x/image CVE-2026-46602 未知 v0.39.0 0.43.0 The TIFF decoder does not set a limit on the size of tiles in tiled im ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46602

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-06-25 20:17 修改: 2026-06-26 17:16
golang.org/x/image CVE-2026-46604 未知 v0.39.0 0.43.0 The TIFF decoder can panic when decoding an invalid image with an out- ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46604

镜像层: sha256:7e9f693d3d73fc52e48a173721f96cff64f871c958c8bf9f9eceb42bf99ef2b5

发布日期: 2026-06-26 21:16 修改: 2026-06-29 19:15
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×