Affected by GO-2025-3815 and 5 other vulnerabilities
GO-2025-3815: melange's world-writable permissions expose SBOM files to potential image tampering in chainguard.dev/melange
GO-2026-4407: melange QEMU runner could write files outside workspace directory in chainguard.dev/melange
GO-2026-4408: melange pipeline working-directory could allow command injection in chainguard.dev/melange
GO-2026-4409: melange has a path traversal in license-path which allows reading files outside workspace in chainguard.dev/melange
GO-2026-4412: melange affected by potential host command execution via license-check YAML mode patch pipeline in chainguard.dev/melange
GO-2026-4588: `melange update-cache` has unbounded HTTP download that can exhaust disk in CI in chainguard.dev/melange
directory
Version: v0.26.7
Published: Jun 6, 2025
License: Apache-2.0
Directories