Skip to main content
Version: v1.1.x

GHSA-VH4V-2XQ2-G5CG

CVE Details

Visit the official vulnerability details page for GHSA-VH4V-2XQ2-G5CG to learn more.

Initial Publication

07/01/2026

Last Update

07/01/2026

Third Party Dependency

oras.land/oras-go/v2

NIST CVE Summary

ORAS Go forwards registry credentials across registry redirects

CVE Severity

0

Our Official Summary

Investigation is ongoing to determine how this vulnerability affects our products.

Status

fixed

Affected Products & Versions

VersionPaletteAIPaletteAI VerteX
1.1.6⚠️ Impacted⚠️ Impacted
1.0.7⚠️ Impacted⚠️ Impacted

Revision History

No revisions available.