ghcr.io/sagernet/sing-box:v1.13.13 linux/amd64

ghcr.io/sagernet/sing-box:v1.13.13 - Trivy安全扫描结果扫描时间: 2026-06-09 16:29

全部漏洞信息

低危漏洞:1

中危漏洞:2

高危漏洞:2

严重漏洞:0

系统OS: alpine 3.23.4 扫描引擎: Trivy 扫描时间: 2026-06-09 16:29

ghcr.io/sagernet/sing-box:v1.13.13 (alpine 3.23.4) (alpine)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/local/bin/sing-box (gobinary)

低危漏洞:1

中危漏洞:2

高危漏洞:2

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
github.com/go-jose/go-jose/v4	CVE-2026-34986	高危	v4.1.3	4.1.4	github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34986 镜像层: sha256:8596515015cfcff2d729cc1cebc54cd3745b08f87052cf3bc2a98d22d8eba258 发布日期: 2026-04-06 17:17 修改: 2026-05-04 15:20
stdlib	CVE-2026-42504	高危	v1.25.10	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:8596515015cfcff2d729cc1cebc54cd3745b08f87052cf3bc2a98d22d8eba258 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.25.10	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:8596515015cfcff2d729cc1cebc54cd3745b08f87052cf3bc2a98d22d8eba258 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-42507	中危	v1.25.10	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:8596515015cfcff2d729cc1cebc54cd3745b08f87052cf3bc2a98d22d8eba258 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
filippo.io/edwards25519	CVE-2026-26958	低危	v1.1.0	1.1.1	filippo.io/edwards25519: filippo.io/edwards25519: Cryptographic integrity bypass due to incorrect MultiScalarMult results 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26958 镜像层: sha256:8596515015cfcff2d729cc1cebc54cd3745b08f87052cf3bc2a98d22d8eba258 发布日期: 2026-02-19 23:16 修改: 2026-04-15 00:35