GHSA-VH4V-2XQ2-G5CG
CVE Details
Visit the official vulnerability details page for GHSA-VH4V-2XQ2-G5CG to learn more.
Initial Publication
07/01/2026
Last Update
07/01/2026
Third Party Dependency
oras.land/oras-go/v2
NIST CVE Summary
ORAS Go forwards registry credentials across registry redirects
CVE Severity
Our Official Summary
Investigation is ongoing to determine how this vulnerability affects our products.
Status
fixed
Affected Products & Versions
| Version | PaletteAI | PaletteAI VerteX |
|---|---|---|
| 1.1.6 | ⚠️ Impacted | ⚠️ Impacted |
| 1.0.7 | ⚠️ Impacted | ⚠️ Impacted |
Revision History
No revisions available.