Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-dbme-xuy9-pyec

Summary

Clarify `mediaType` handling
### Impact
In the OCI Image Specification version 1.0.1 and prior, manifest and index documents are not self-describing and documents with a single digest could be interpreted as either a manifest or an index.

### Patches
The Image Specification will be updated to recommend that both manifest and index documents contain a `mediaType` field to identify the type of document.
Release [v1.0.2](https://github.com/opencontainers/image-spec/releases/tag/v1.0.2) includes these updates.

### Workarounds
Software attempting to deserialize an ambiguous document may reject the document if it contains both “manifests” and “layers” fields or “manifests” and “config” fields.

### References
https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m

### For more information
If you have any questions or comments about this advisory:
* Open an issue in https://github.com/opencontainers/image-spec
* Email us at [security@opencontainers.org](mailto:security@opencontainers.org)
* https://github.com/opencontainers/image-spec/commits/v1.0.2

Aliases

alias	GHSA-77vh-xpmg-72qh

Fixed_packages

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86_64&distroversion=edge&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armhf&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86_64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armv7&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=aarch64&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=s390x&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86_64&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armhf&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=riscv64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=s390x&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86_64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=aarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=edge&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armhf&distroversion=edge&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=edge&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armv7&distroversion=edge&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=loongarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=loongarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=edge&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=ppc64le&distroversion=edge&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=riscv64&distroversion=edge&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=edge&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=s390x&distroversion=edge&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86&distroversion=edge&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=aarch64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=aarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armhf&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=loongarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=loongarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86_64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=loongarch64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=loongarch64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=s390x&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86_64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armhf&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armv7&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=ppc64le&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armhf&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=riscv64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=s390x&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armv7&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=s390x&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=aarch64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armv7&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86&distroversion=v3.21&reponame=community

url	pkg:golang/github.com/opencontainers/image-spec@1.0.2
purl	pkg:golang/github.com/opencontainers/image-spec@1.0.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:golang/github.com/opencontainers/image-spec@1.0.2

Affected_packages

References

reference_url

https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m

reference_url

https://github.com/opencontainers/image-spec

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencontainers/image-spec

reference_url

https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c

reference_url

https://github.com/opencontainers/image-spec/releases/tag/v1.0.2

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencontainers/image-spec/releases/tag/v1.0.2

reference_url

https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh

Weaknesses

cwe_id	843
name	Access of Resource Using Incompatible Type ('Type Confusion')
description	The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

Exploits

Severity_range_score 0.1 - 3

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dbme-xuy9-pyec

Vulnerability Instance