Vulnerability identifier: #VU58229
Vulnerability risk: Low
Exploitation vector: Network
Exploit availability: No
Vendor: Open Container Initiative
The vulnerability allows a remote attacker to compromise the system.
The vulnerability exists due to a type confusion error. A remote authenticated attacker can pass specially crafted data to the application, trigger a type confusion error and interpret the resulting content differently.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
OCI Distribution Specification: 1.0.0
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?