VYPR

Syft

by Anchore

Source repositories

CVEs (2)

  • CVE-2026-33481MedMar 26, 2026
    risk 0.27cvss 5.3epss 0.00

    Syft is a a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Syft versions before v1.42.3 would not properly cleanup temporary storage if the temporary storage was exhausted during a scan. When scanning archives…

  • CVE-2023-24827Feb 7, 2023
    risk 0.00cvss epss 0.01

    syft is a a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. A password disclosure flaw was found in Syft versions v0.69.0 and v0.69.1. This flaw leaks the password stored in the SYFT_ATTEST_PASSWORD environment…