VYPR

Registry Support

by Devfile

Source repositories

CVEs (1)

  • CVE-2024-1485HigFeb 14, 2024
    risk 0.45cvss 8.0epss 0.01

    A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the `parent` or `plugin` keywords. This could download a malicious archive and cause the cleanup…