3 matches found
CVE-2026-24845 malcontent's OCI image scanning could expose registry credentials
malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. Starting in version 0.10.0 and prior to version 1.20.3, malcontent could be made to expose Docker registry credentials if it scanned a specially crafted OCI image reference. malcontent uses...
Malcontent security vulnerabilities
Malcontent is a supply chain attack detection tool developed by Chainguard. Versions prior to 1.20.3 of Malcontent contain security vulnerabilities. These vulnerabilities arise from the possibility of exposing Docker registry credentials during the scanning of specially crafted OCI image referenc...
AZL-52452 CVE-2024-0134 affecting package nvidia-container-toolkit for versions less than 1.17.1-1
NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this...