pkg:Go/github.com/chainguard-dev/malcontent
6 total CVEsMEDIUM4
✅ Check your installed version
All known vulnerabilities
MEDIUM6.5CVE-2026-24845malcontent OCI image pull credential exfiltration via malicious registry token realm in github.com/chainguard-dev/malcontent >= 0.10.0, < 1.20.3
MEDIUM6.5CVE-2026-24845malcontent OCI image pull credential exfiltration via malicious registry token realm in github.com/chainguard-dev/malcontent from 0, < 1.20.3
MEDIUM5.5CVE-2026-24846malcontent vulnerable to symlink Path Traversal via handleSymlink argument confusion in archive extraction in github.com/chainguard-dev/malcontent >= 1.8.0, < 1.20.3
MEDIUM5.5malcontent vulnerable to symlink Path Traversal via handleSymlink argument confusion in archive extraction in github.com/chainguard-dev/malcontent
>= 1.8.0, < 1.20.3
—malcontent: Nested archive extraction failure can drop content from scan inputs in github.com/chainguard-dev/malcontent
from 0, < 1.21.0
—malcontent: Nested archive extraction failure can drop content from scan inputs in github.com/chainguard-dev/malcontent
from 0, < 1.21.0