CVE-2022-4899
ADVISORY - githubSummary
A vulnerability was found in zstd v1.4.10, where an attacker can supply an empty string as an argument to the command line tool to cause buffer overrun.
EPSS Score: 0.00205 (0.432)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Uncontrolled Resource Consumption
ADVISORY - github
Uncontrolled Resource Consumption
ADVISORY - gitlab
ADVISORY - redhat
Uncontrolled Resource Consumption
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in