GO-2025-4149 OSV-SCALIBR has NULL Pointer Dereference in github.com/google/osv-scalibr

OSV-SCALIBR has NULL Pointer Dereference in github.com/google/osv-scalibr...

CVE-2025-13425

A bug in the filesystem traversal fallback path causes fs/diriterate/diriterate.go:Next to overindex an empty slice when ReadDir returns nil for an empty directory, resulting in a panic index out of range and an application crash denial of service in OSV-SCALIBR...

OSV-SCALIBR 安全漏洞

OSV-SCALIBR is an open source software portfolio analysis library from Google. A security vulnerability exists in OSV-SCALIBR that stems from a file system traversal path error that could cause an application to crash...

PT-2025-47589

Name of the Vulnerable Software and Affected Versions versions prior to 2025-13425 Description A flaw exists in the filesystem traversal fallback path, specifically within the fs/diriterate/diriterate.go:Next function. This issue causes an overindex on an empty slice when the ReadDir function...

EUVD-2025-18630

Malicious code in bioql PyPI...

GO-2025-3767 OSV-SCALIBR's Container Image Unpacking Vulnerable to Arbitrary File Write via Path Traversal in github.com/google/osv-scalibr

OSV-SCALIBR's Container Image Unpacking Vulnerable to Arbitrary File Write via Path Traversal in github.com/google/osv-scalibr...

Path Traversal

github.com/google/osv-scalibr is vulnerable to path traversal. The vulnerability is due to path traversal caused by improper validation of file paths when using the unpack function with the --remote-image flag on untrusted container images, allowing arbitrary file writes on the host system as the...

SUSE CVE-2025-5981

Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR's unpack function for container images. Particularly, when using the CLI flag --remote-image on untrusted container images...

OSV-SCALIBR's Container Image Unpacking Vulnerable to Arbitrary File Write via Path Traversal

Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR's unpack function for container images. Particularly, when using the CLI flag --remote-image on untrusted container images...

CVE-2025-5981

Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR's unpack function for container images. Particularly, when using the CLI flag --remote-image on untrusted container images...

CVE-2025-5981

Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR's unpack function for container images. Particularly, when using the CLI flag --remote-image on untrusted container images...

CVE-2025-5981

OSV-SCALIBR is affected by a path traversal vulnerability in its unpack() function used for container images, exploitable when the CLI flag --remote-image is used on untrusted images. The issue allows arbitrary file write on the host as the OSV-SCALIBR user. Several sources (GitHub commit referen...

CVE-2025-5981 Arbitrary File write in OSV-SCALIBR

Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR's unpack function for container images. Particularly, when using the CLI flag --remote-image on untrusted container images...

CVE-2025-5981 Arbitrary File write in OSV-SCALIBR

Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR's unpack function for container images. Particularly, when using the CLI flag --remote-image on untrusted container images...

PT-2025-25778 · Unknown · Osv-Scalibr

Name of the Vulnerable Software and Affected Versions: OSV-SCALIBR affected versions not specified Description: The issue allows for arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR's unpack function for container images. Th...