Uncontrolled Resource Consumption
github.com/aquasecurity/trivy is vulnerable to Uncontrolled Resource Consumption. The vulnerability is due to the custom tar unpacker reading Helm chart archive .tgz entries using io.ReadAll without enforcing a size limit, which allows an attacker to supply a malicious compressed archive that...