bitnami-mongodb-7.0.21-2_linux_arm64

digest	sha256:7fb0267e07ee112bfe0f40843dfdb69a569d6ff036b3b58297cde0543880a820
vulnerabilities
platform	linux/arm64
size	230 MB
packages	674

tar-fs 2.1.3 (npm) pkg:npm/tar-fs@2.1.3 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Affected range >=2.0.0 <2.1.4 Fixed version 2.1.4 CVSS Score 8.7 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N EPSS Score 0.066% EPSS Percentile 21st percentile Description Impact v3.1.0, v2.1.3, v1.16.5 and below Patches Has been patched in 3.1.1, 2.1.4, and 1.16.6 Workarounds You can use the ignore option to ignore non files/directories. ignore (_, header) { // pass files & directories, ignore e.g. symlinks return header.type !== 'file' && header.type !== 'directory' } Credit Reported by: Mapta / BugBunny_ai

stdlib 1.24.4 (golang) pkg:golang/stdlib@1.24.4 Affected range >=1.24.0 <1.24.6 Fixed version 1.24.6 EPSS Score 0.022% EPSS Percentile 4th percentile Description If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned.