ghcr.io/wei-shaw/sub2api:0.1.135 linux/amd64

ghcr.io/wei-shaw/sub2api:0.1.135 - Trivy安全扫描结果扫描时间: 2026-06-09 09:22

全部漏洞信息

低危漏洞:0

中危漏洞:3

高危漏洞:1

严重漏洞:0

系统OS: alpine 3.21.7 扫描引擎: Trivy 扫描时间: 2026-06-09 09:22

ghcr.io/wei-shaw/sub2api:0.1.135 (alpine 3.21.7) (alpine)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

app/sub2api (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
go.opentelemetry.io/otel	CVE-2026-29181	高危	v1.37.0	1.41.0	github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Denial of Service via crafted multi-value baggage headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181 镜像层: sha256:6e7d839e3e5034e0574afcc7dd232b787f1c497264882d4f6a0710fa294fc739 发布日期: 2026-04-07 21:17 修改: 2026-04-14 18:45
github.com/aws/aws-sdk-go-v2/service/s3	GHSA-xmrv-pmrh-hhx2	中危	v1.96.2	1.97.3	Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder 漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2 镜像层: sha256:6e7d839e3e5034e0574afcc7dd232b787f1c497264882d4f6a0710fa294fc739 发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
github.com/quic-go/quic-go	CVE-2026-40898	中危	v0.57.1	0.59.1	quic-go is an implementation of the QUIC protocol in Go. Prior to vers ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40898 镜像层: sha256:6e7d839e3e5034e0574afcc7dd232b787f1c497264882d4f6a0710fa294fc739 发布日期: 2026-06-04 19:16 修改: 2026-06-05 21:08
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream	GHSA-xmrv-pmrh-hhx2	中危	v1.7.5	1.7.8	Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder 漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2 镜像层: sha256:6e7d839e3e5034e0574afcc7dd232b787f1c497264882d4f6a0710fa294fc739 发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18