PT-2026-26768 · Syft · Syft

Htrgouvea

Publicado

2026-03-20

Atualizado

2026-04-01

CVE-2026-33481

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Syft versions prior to 1.42.3

Description Syft did not properly remove temporary files if temporary storage became full during a scan. This occurred when unpacking archives, specifically with large or highly compressed archives. The issue caused Syft to exit without deleting temporary files, leading to depletion of temporary storage and potentially preventing future Syft runs or other system utilities from functioning correctly.

Recommendations Update to version 1.42.3 or later.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-460

Identificadores relacionados

CLEANSTART-2026-WN01990

CVE-2026-33481

GHSA-RJCW-VG7J-M9RC

GO-2026-4809

SUSE-SU-2026:1135-1

Produtos afetados

Syft

PT-2026-26768 · Syft · Syft

CVE-2026-33481

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 216