github.com/edgelesssys/contrast vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
GHSA-3CCM-4QQ2-5WRPMediumgithub.com/edgelesssys/contrast: Constrata's coordinator transit engine `ciphertextContainer.UnmarshalJSON` panics on attacker-controlled short ciphertextsGHSA-6C87-G9PW-78FXLowgithub.com/edgelesssys/contrast: Contrast's Imagepuller registryFor uses unanchored suffix matching, leaking auth credentials and trusted CA configuration to sibling-domain…GHSA-RH99-WC69-C255Highgithub.com/edgelesssys/contrast: Contras Affected by CopyFile Policy Subversion via SymlinksGHSA-G9WW-X58F-9G6MHighgithub.com/edgelesssys/contrast: Contrast BadAML injection allows arbitrary code executionGHSA-F5P4-P5Q5-JV3HMediumgithub.com/edgelesssys/contrast: Contrast has insecure LUKS2 persistent storage partitions may be opened and usedGHSA-VXG3-W9RV-RHR2Highgithub.com/edgelesssys/contrast: Contrast leaks workload secrets to logs on INFO levelGHSA-PHHQ-63JG-FP7RLowgithub.com/edgelesssys/contrast: Contrast vulnerability allows arbitrary host data Injection into container VOLUME mount pointsGHSA-H5F8-CRRQ-4PW8Highgithub.com/edgelesssys/contrast: Contrast workload secrets leak to logs on INFO levelGHSA-VQV5-385R-2HF8Highgithub.com/edgelesssys/contrast: Contrast's unauthenticated recovery allows Coordinator impersonation

Stop the waste.
Protect your environment with Kodem.