osv-scalibr 0.1.3-0.1.7 and 0.1.3-0.2.0 - Arbitrary File Write via Path Traversal in unpack() Function
Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR's unpack() function for container images. Particularly, when using the CLI flag --remote-image on untrusted container images.