Directory Security Advisories

Security Advisories

CGA-ghrp-j9wv-h896

Published

Last updated

https://images.chainguard.dev/security/CGA-ghrp-j9wv-h896

Package

mattermost-9

Latest Update

Fixed

Fixed Version

9.9.0-r1

Aliases

Severity

7.5

High

CVSS V3

Summary

Panic when parsing invalid palette-color images in golang.org/x/image

Description

Parsing a corrupt or malicious image with invalid color indices can cause a panic.

References

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

© 2024 Chainguard. All Rights Reserved.

Product

Chainguard Images

Why Chainguard

Container Image Security Vulnerability Remediation Compliance and Risk Mitigation Software Supply Chain Security AI/ML Security

Customers

Customer Stories Chainguard Love

Company

About Us Pricing Open Source Careers Newsroom Legal

Resources

Unchained Blog Events Trust Center Documentation