Filtered by vendor Google
Subscriptions
Filtered by product Osv-scalibr
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-13425 | 1 Google | 1 Osv-scalibr | 2025-11-24 | 3.3 Low |
| A bug in the filesystem traversal fallback path causes fs/diriterate/diriterate.go:Next() to overindex an empty slice when ReadDir returns nil for an empty directory, resulting in a panic (index out of range) and an application crash (denial of service) in OSV-SCALIBR. | ||||
| CVE-2025-5981 | 1 Google | 1 Osv-scalibr | 2025-08-07 | 6.5 Medium |
| Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR's unpack() function for container images. Particularly, when using the CLI flag --remote-image on untrusted container images. | ||||
Page 1 of 1.