Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/43131?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43131?format=api", "vulnerability_id": "VCID-dbme-xuy9-pyec", "summary": "Clarify `mediaType` handling\n### Impact\nIn the OCI Image Specification version 1.0.1 and prior, manifest and index documents are not self-describing and documents with a single digest could be interpreted as either a manifest or an index.\n\n### Patches\nThe Image Specification will be updated to recommend that both manifest and index documents contain a `mediaType` field to identify the type of document.\nRelease [v1.0.2](https://github.com/opencontainers/image-spec/releases/tag/v1.0.2) includes these updates.\n\n### Workarounds\nSoftware attempting to deserialize an ambiguous document may reject the document if it contains both “manifests” and “layers” fields or “manifests” and “config” fields.\n\n### References\nhttps://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in https://github.com/opencontainers/image-spec\n* Email us at [security@opencontainers.org](mailto:security@opencontainers.org)\n* https://github.com/opencontainers/image-spec/commits/v1.0.2", "aliases": [ { "alias": "GHSA-77vh-xpmg-72qh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/434682?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=aarch64&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/434683?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armhf&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/434684?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armv7&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/434685?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=ppc64le&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/434686?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=s390x&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/434687?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/434688?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86_64&distroversion=v3.19&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/442619?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=aarch64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/442620?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armhf&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/442621?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armv7&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/442622?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=loongarch64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/442623?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/442624?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=riscv64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/442625?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=s390x&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/442626?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/442627?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86_64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/452789?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=aarch64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/452790?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armhf&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/452791?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armv7&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/452792?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=loongarch64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=loongarch64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/452793?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=ppc64le&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/452794?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=riscv64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/452795?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=s390x&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/452796?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/452797?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86_64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/510781?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=aarch64&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/510782?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armhf&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/510783?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armv7&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/510784?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/510785?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=riscv64&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/510786?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=s390x&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/510787?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/510788?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86_64&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/520146?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/520147?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armhf&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/520148?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armv7&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/520149?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/520150?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/520151?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=riscv64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/520152?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=s390x&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/520153?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/520154?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86_64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/549227?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=aarch64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=aarch64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/549228?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=armhf&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armhf&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/549229?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=armv7&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/549230?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=loongarch64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/549231?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=ppc64le&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/549232?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=riscv64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=riscv64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/549233?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=s390x&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=s390x&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/549234?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=x86&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/549235?format=api", "purl": "pkg:apk/alpine/singularity@3.8.5-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/singularity@3.8.5-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/76229?format=api", "purl": "pkg:golang/github.com/opencontainers/image-spec@1.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:golang/github.com/opencontainers/image-spec@1.0.2" } ], "affected_packages": [], "references": [ { "reference_url": "https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m" }, { "reference_url": "https://github.com/opencontainers/image-spec", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencontainers/image-spec" }, { "reference_url": "https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c" }, { "reference_url": "https://github.com/opencontainers/image-spec/releases/tag/v1.0.2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencontainers/image-spec/releases/tag/v1.0.2" }, { "reference_url": "https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh" } ], "weaknesses": [ { "cwe_id": 843, "name": "Access of Resource Using Incompatible Type ('Type Confusion')", "description": "The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type." } ], "exploits": [], "severity_range_score": "0.1 - 3.0", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dbme-xuy9-pyec" }