docker.io/weishaw/sub2api:0.1.147 linux/amd64

docker.io/weishaw/sub2api:0.1.147 - Trivy安全扫描结果 扫描时间: 2026-07-09 18:42
全部漏洞信息
低危漏洞:0 中危漏洞:8 高危漏洞:10 严重漏洞:0

系统OS: alpine 3.21.7 扫描引擎: Trivy 扫描时间: 2026-07-09 18:42

docker.io/weishaw/sub2api:0.1.147 (alpine 3.21.7) (alpine)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
app/sub2api (gobinary)
低危漏洞:0 中危漏洞:8 高危漏洞:10 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
go.opentelemetry.io/otel CVE-2026-29181 高危 v1.37.0 1.41.0 github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Denial of Service via crafted multi-value baggage headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-04-07 21:17 修改: 2026-06-30 03:18

golang.org/x/crypto CVE-2026-39828 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39828

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-22 04:16 修改: 2026-07-07 12:16

golang.org/x/crypto CVE-2026-39829 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39829

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-22 04:16 修改: 2026-07-06 13:16

golang.org/x/crypto CVE-2026-39830 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39830

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-22 04:16 修改: 2026-07-06 13:16

golang.org/x/crypto CVE-2026-39831 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Security key bypass due to missing user presence check

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39831

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42

golang.org/x/crypto CVE-2026-39832 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39832

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-22 04:16 修改: 2026-07-06 13:16

golang.org/x/crypto CVE-2026-39835 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39835

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-22 04:16 修改: 2026-07-03 13:17

golang.org/x/crypto CVE-2026-42508 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42508

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-22 04:16 修改: 2026-07-06 13:16

golang.org/x/crypto CVE-2026-46595 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46595

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-22 04:16 修改: 2026-07-06 13:17

golang.org/x/crypto CVE-2026-46597 高危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted AES-GCM packet decoder inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46597

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53

github.com/quic-go/quic-go CVE-2026-40898 中危 v0.57.1 0.59.1 quic-go is an implementation of the QUIC protocol in Go. Prior to vers ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40898

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-06-04 19:16 修改: 2026-06-17 10:45

golang.org/x/crypto CVE-2026-39827 中危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via repeated rejected channel openings

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39827

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42

golang.org/x/crypto CVE-2026-39833 中危 v0.51.0 0.52.0 golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39833

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42

golang.org/x/crypto CVE-2026-39834 中危 v0.51.0 0.52.0 golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service due to integer overflow in SSH channel write

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39834

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42

golang.org/x/crypto CVE-2026-46598 中危 v0.51.0 0.52.0 golang.org/x/crypto/ssh/agent: golang: golang.org/x/crypto/ssh/agent: Denial of Service via malformed input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46598

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53

golang.org/x/image CVE-2026-33813 中危 v0.39.0 0.42.0 golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33813

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-04-21 20:16 修改: 2026-06-25 20:17

golang.org/x/image CVE-2026-46599 中危 v0.39.0 0.41.0 golang.org/x/image/tiff: golang.org/x/image/tiff: Denial of Service via crafted PackBits-compressed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46599

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-29 20:16 修改: 2026-06-17 10:53

golang.org/x/image CVE-2026-46601 中危 v0.39.0 0.43.0 golang.org/x/image/webp: golang.org/x/image/webp: Denial of Service via malformed VP8 chunk in WebP images

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46601

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-06-25 20:17 修改: 2026-06-26 17:16

golang.org/x/crypto GO-2026-5932 未知 v0.51.0 The golang.org/x/crypto/openpgp package is unmaintained, unsafe by design, and has known security issues

漏洞详情:

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

golang.org/x/image CVE-2026-42500 未知 v0.39.0 0.41.0 Decoding a paletted BMP file with an out-of-range palette index result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42500

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-05-29 20:16 修改: 2026-06-17 10:47

golang.org/x/image CVE-2026-46602 未知 v0.39.0 0.43.0 The TIFF decoder does not set a limit on the size of tiles in tiled im ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46602

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-06-25 20:17 修改: 2026-06-26 17:16

golang.org/x/image CVE-2026-46604 未知 v0.39.0 0.43.0 The TIFF decoder can panic when decoding an invalid image with an out- ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46604

镜像层: sha256:e2e81e78f5ab52c1845dd9315543d787c8ba10ee873a28a5fa103a1305103361

发布日期: 2026-06-26 21:16 修改: 2026-07-01 14:07

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×