2 matches found
CVE-2026-10517
A flaw was found in Clair. The fetcher component makes outbound HTTP requests to attacker-supplied URIs from manifest layer descriptors without IP or scheme filtering. When PSK authentication is not configured opt-in, not enforced by default, an unauthenticated attacker can submit a manifest with...
PT-2026-45353
Name of the Vulnerable Software and Affected Versions Clair affected versions not specified Description A flaw in the fetcher component allows the system to make outbound HTTP requests to attacker-supplied URIs from manifest layer descriptors because it lacks IP or scheme filtering. When Pre-Shar...