VYPR

Bitnami package

oras

pkg:bitnami/oras

Vulnerabilities (1)

  • CVE-2021-21272Jan 25, 2021
    affected >= 0.4.0, < 0.9.0fixed 0.9.0

    ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature all