packaged by Chainguard
Contact our team to test out this image for free. Please also indicate any other images you would like to evaluate.
Expand | CVE ID | Severity | Package | Version | Last detected |
|---|---|---|---|---|---|
CVE-2026-49478 | High | github.com/sigstore/fulcio | v1.8.5 | ||
CVE-2026-48702 | High | github.com/sigstore/rekor | v1.5.1 | ||
CVE-2026-50163 | High | oras.land/oras-go/v2 | v2.6.0 | ||
CVE-2026-50151 | High | oras.land/oras-go/v2 | v2.6.0 | ||
CVE-2026-39822 | High | stdlib | go1.26.4 | ||
CVE-2026-49835 | Medium | github.com/sigstore/timestamp-authority/v2 | v2.0.6 | ||
GHSA-vh4v-2xq2-g5cg | Medium | oras.land/oras-go/v2 | v2.6.0 | ||
CVE-2026-42505 | Medium | stdlib | go1.26.4 | ||
CVE-2026-50162 | Medium | oras.land/oras-go/v2 | v2.6.0 | ||
CVE-2026-42505 | Medium | stdlib | go1.26.4 | ||
CVE-2026-48978 | Low | oras.land/oras-go/v2 | v2.6.0 | ||
GO-2026-5932 | Unknown | golang.org/x/crypto | v0.52.0 |