Advisory GHSA-q3fv-x8vg-qqm4 references a vulnerability in the following Go modules:
Description:
Summary
When Trivy scans a Helm chart archive (.tgz), its custom tar unpacker reads each entry with io.ReadAll(tr) and no size limit. An attacker who can place a malicious .tgz file in the scanned path can craft a small compressed archive that decompresses to gigabytes, causing the Trivy process to be killed by the OS OOM killer.
Affected configurations
Exploitation requires the attacker to place a crafted .tgz file in a location that Trivy will scan as a Helm chart. This applies to the following scan targets:
| Command |
Condition |
trivy config <dir> |
Dir... |
References:
Cross references:
- github.com/aquasecurity/trivy appears in 2 other report(s):
See doc/quickstart.md for instructions on how to triage this report.
id: GO-ID-PENDING
modules:
- module: github.com/aquasecurity/trivy
versions:
- fixed: 0.71.0
vulnerable_at: 0.70.0
summary: 'Trivy: Helm chart tar bomb causes OOM via unbounded io.ReadAll in parser in github.com/aquasecurity/trivy'
cves:
- CVE-2026-54448
ghsas:
- GHSA-q3fv-x8vg-qqm4
references:
- advisory: https://github.com/advisories/GHSA-q3fv-x8vg-qqm4
- advisory: https://github.com/aquasecurity/trivy/security/advisories/GHSA-q3fv-x8vg-qqm4
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2026-54448
- fix: https://github.com/aquasecurity/trivy/commit/441251e51ae46cbcf7f436547e0a5766b25328b4
- fix: https://github.com/aquasecurity/trivy/pull/10718
- web: https://github.com/aquasecurity/trivy/releases/tag/v0.71.0
source:
id: GHSA-q3fv-x8vg-qqm4
created: 2026-07-14T20:01:21.96282791Z
review_status: UNREVIEWED
Advisory GHSA-q3fv-x8vg-qqm4 references a vulnerability in the following Go modules:
Description:
Summary
When Trivy scans a Helm chart archive (
.tgz), its custom tar unpacker reads each entry withio.ReadAll(tr)and no size limit. An attacker who can place a malicious.tgzfile in the scanned path can craft a small compressed archive that decompresses to gigabytes, causing the Trivy process to be killed by the OS OOM killer.Affected configurations
Exploitation requires the attacker to place a crafted
.tgzfile in a location that Trivy will scan as a Helm chart. This applies to the following scan targets:trivy config <dir>References:
Cross references:
See doc/quickstart.md for instructions on how to triage this report.