3 matches found
CVE-2026-44218
ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...
CVE-2026-44220
ciguard is a static security auditor for CI/CD pipelines. From 0.8.0 to 0.8.1 , the discoverpipelinefiles function in src/ciguard/discovery.py walks a directory tree following symlinks, with cycle protection via tracking visited resolved paths. An attacker who can plant a symlink in a directory t...
ciguard 安全漏洞
Ciguard is a security auditing and visualization tool for CI/CD pipelines developed by Johannes Moore. Versions of Ciguard from 0.1.0 to 0.8.1 contain security vulnerabilities. These vulnerabilities stem from the default root user inherited by the published container images, due to the lack of a...