Syft

Latest version: v0.8.6

Vulnerabilities (16)

CVE/PVE	Vulnerability ID	Advisory	Affected versions	Severity	Severity Score
CVE-2021-27291	66857	Syft version 0.8.5b10 updates its Pygments dependency to version 2.15…	<0.8.5b10 <0.8.6	HIGH	7.5
CVE-2020-11022	66901	Syft version 0.8.5b10 updates its Sphinx dependency to version 3.3.0,…	<0.8.5b10	MEDIUM	6.1
CVE-2020-11023	66902	Syft version 0.8.5b10 updates its Sphinx dependency to version 3.3.0,…	<0.8.5b10	MEDIUM	6.1
CVE-2022-40897	65499	Syft version 0.8.5 updates its setuptools requirement to version 65.5…	<0.8.5	MEDIUM	5.9
CVE-2023-37920	63096	Syft 0.8.4b4 updates its dependency 'certifi' to 2023.7.22 to include…	<0.8.4b4	CRITICAL	9.8
CVE-2021-27291	63097	Syft 0.8.4b4 updates its dependency 'pygments' to 2.15.0 to include a…	<0.8.4b4	HIGH	7.5
CVE-2022-40896	63099	Syft 0.8.4b4 updates its dependency 'pygments' to 2.15.0 to include a…	<0.8.4b4	MEDIUM	5.5
CVE-2021-20270	63098	Syft 0.8.4b4 updates its dependency 'pygments' to 2.15.0 to include a…	<0.8.4b4	HIGH	7.5
CVE-2020-11023	63101	Syft 0.8.4b4 updates its dependency 'sphinx' to 3.3.0 to include a se…	<0.8.4b4	MEDIUM	6.1
CVE-2023-32681	63100	Syft 0.8.4b4 updates its dependency 'requests' to 2.31.0 to include a…	<0.8.4b4	MEDIUM	6.1
CVE-2022-23491	63086	Syft 0.8.4b4 updates its dependency 'certifi' to 2023.7.22 to include…	<0.8.4b4	HIGH	7.5
CVE-2023-41039	61959	Syft 0.8.2b40 updates its dependency 'RestrictedPython' to 6.2 to inc…	<0.8.2b40	HIGH	7.7
PVE-2023-62330	62330	Syft 0.8.2b19 removes clear-text logging of sensitive information. h…	<0.8.2b19	-	-
CVE-2021-32677	53713	Syft 0.6.0a0 updates its dependency 'fastapi' to v0.68.0 to include a…	<0.6.0a0	HIGH	8.1
PVE-2021-37930	37930	Syft 0.2.3.a1 removes an insecure eval in native tensor interpreter. …	<0.2.3.a1	HIDDEN	X.Y
CVE-2017-18342	37958	Syft 0.2.3 uses yaml.safe_load() to fix an arbitrary code execution v…	<0.2.3	CRITICAL	9.8