9 matches found
SUSE CVE-2026-28407
malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archiv...
EUVD-2026-9078
malcontent: Nested archive extraction failure can drop content from scan inputs...
malcontent: Nested archive extraction failure can drop content from scan inputs
Previously, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archives so that malcontent can attempt a best-effort scan of the archive bytes. Fix:...
CVE-2026-28407
CVE-2026-28407 affects malcontent (software for supply‑chain analysis). Prior to version 1.21.0, it could drop or discard nested archives that failed to extract, potentially omitting content from scans. The root cause is the removal of nested archives during processing. Version 1.21.0 fixes the i...
CVE-2026-28407 malcontent's nested archive extraction failure can drop content from scan inputs
malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archiv...
CVE-2026-28407 malcontent's nested archive extraction failure can drop content from scan inputs
malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archiv...
CVE-2026-28407
malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archiv...
CVE-2026-28407 malcontent's nested archive extraction failure can drop content from scan inputs
malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archiv...
PT-2026-22408
Name of the Vulnerable Software and Affected Versions malcontent versions prior to 1.21.0 Description malcontent is software designed for identifying supply-chain compromises using context, differential analysis, and YARA. Before version 1.21.0, the software removed nested archives that failed to...