VYPR

Go modules package

github.com/anchore/stereoscope

pkg:golang/github.com/anchore/stereoscope

Vulnerabilities (1)

  • CVE-2024-24579Jan 31, 2024
    affected < 0.0.1fixed 0.0.1

    stereoscope is a go library for processing container images and simulating a squash filesystem. Prior to version 0.0.1, it is possible to craft an OCI tar archive that, when stereoscope attempts to unarchive the contents, will result in writing to paths outside of the unarchive