Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network delivery of crafted archive, no attacker privileges needed, but operator must trigger the scan (UI:R); impact is availability-only, scope unchanged.
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Trivy is a security scanner. Prior to 0.71.0, when Trivy scans a Helm chart archive (.tgz), its custom tar unpacker reads each entry with io.ReadAll(tr) and no size limit. An attacker who can place a malicious .tgz file in the scanned path can craft a small compressed archive that decompresses to gigabytes, causing the Trivy process to be killed by the OS OOM killer. This vulnerability is fixed in 0.71.0.
AnalysisAI
Decompression bomb (zip bomb) in Trivy's Helm chart scanner causes denial of service via OOM kill when processing a crafted .tgz archive. Affected versions prior to 0.71.0 use io.ReadAll without any size cap on tar entries inside Helm chart archives, allowing a small compressed file to expand to gigabytes in memory. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The attacker must be able to place or serve a malicious .tgz file at a path that Trivy is configured to scan - for example, by committing a crafted Helm chart to a repository, uploading to a registry, or depositing a file in a shared artifact directory. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 score of 6.9 (AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H) accurately reflects the risk profile: availability impact is high (process termination), but confidentiality and integrity are unaffected and both the vulnerable system and subsequent systems show no further blast radius. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with write access to a repository or artifact store targeted by a Trivy CI scan uploads a crafted Helm chart .tgz containing a single highly-compressed file that expands to several gigabytes when decompressed. When an automated pipeline or developer runs a Trivy scan against that path, Trivy's parser calls io.ReadAll on the archive entry, allocating gigabytes of memory until the Linux OOM killer terminates the Trivy process, silently interrupting the security scan. … |
| Remediation | Upgrade Trivy to version 0.71.0 or later, which replaces the unbounded io.ReadAll tar unpacking with safe Helm library routines (vendor-released patch confirmed at https://github.com/aquasecurity/trivy/pull/10718 and https://github.com/aquasecurity/trivy/security/advisories/GHSA-q3fv-x8vg-qqm4). … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique Denial Of Service
View allVendor StatusVendor
SUSE
Severity: ModerateShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39479
GHSA-q3fv-x8vg-qqm4