Lucene search
+L

4 matches found

osv
osv
added 2026/07/07 4:21 p.m.1 views

OPENSUSE-SU-2026:21249-1 Security update for trivy

This update for trivy fixes the following issues Update to version 0.72.0. - CVE-2026-54448: tar unpacker reads scanned Helm chart archives .tgz with io.ReadAlltr and defines no size limit, which can lead to a DoS bsc1269271. - CVE-2026-55092: org.opencontainers.image.title annotation from OCI...

7.5CVSS6.2AI score0.00292EPSS
Exploits0References4
github
github
added 2026/05/19 3:47 p.m.21 views

ORAS Java: Path traversal in pullArtifact via attacker-controlled org.opencontainers.image.title annotation

Summary The pullArtifact methods in Registry and OCILayout use the org.opencontainers.image.title annotation from a pulled manifest as a filename, resolving it against the caller supplied output directory without normalization or a containment check. A manifest publisher can set this annotation t...

5.9AI score
Exploits0References2Affected Software1
openvas
openvas
added 2021/12/10 12:0 a.m.14 views

Fedora: Security Advisory for golang-github-opencontainers-image-spec (FEDORA-2021-62352983b4)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5CVSS6.5AI score0.02085EPSS
Exploits0References2
openvas
openvas
added 2021/12/10 12:0 a.m.19 views

Fedora: Security Advisory for golang-github-opencontainers-image-spec (FEDORA-2021-6789ed60f2)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5CVSS6.5AI score0.02085EPSS
Exploits0References2
Rows per page
Query Builder