Go modules package
github.com/anchore/stereoscope
pkg:golang/github.com/anchore/stereoscope
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-24579 | — | < 0.0.1 | 0.0.1 | Jan 31, 2024 | stereoscope is a go library for processing container images and simulating a squash filesystem. Prior to version 0.0.1, it is possible to craft an OCI tar archive that, when stereoscope attempts to unarchive the contents, will result in writing to paths outside of the unarchive |
- CVE-2024-24579Jan 31, 2024affected < 0.0.1fixed 0.0.1
stereoscope is a go library for processing container images and simulating a squash filesystem. Prior to version 0.0.1, it is possible to craft an OCI tar archive that, when stereoscope attempts to unarchive the contents, will result in writing to paths outside of the unarchive