CVE-2026-54448
Severity: MEDIUM
Trivy: Helm chart tar bomb causes OOM via unbounded io.ReadAll in parser
Title source: cnaDescription
Trivy is a security scanner. Prior to 0.71.0, when Trivy scans a Helm chart archive (.tgz), its custom tar unpacker reads each entry with io.ReadAll(tr) and no size limit. An attacker who can place a malicious .tgz file in a path Trivy scans (for example, a repository or filesystem scanned in CI) can craft a small compressed archive that decompresses to gigabytes, causing the Trivy process to be killed by the OS OOM killer. This vulnerability is fixed in 0.71.0; upgrading is the remediation.
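The following Go program is an added illustration of the defect class, not Trivy's code and not the fix shipped in PR 10718 (whose exact limits this page does not state). It constructs a small chart-style .tgz in memory whose largest entry is a run of zeros, reads it once with the unbounded io.ReadAll pattern the advisory describes, and once with a per-entry and whole-archive budget. The function names (buildChartTgz, walkChart, readUnbounded, boundedReader), the error values and the budget sizes are this example's own assumptions.

```go
package main

import (
	"archive/tar"
	"bytes"
	"compress/gzip"
	"errors"
	"fmt"
	"io"
)

// Budget errors for the hardened reader. Names are this example's own.
var (
	ErrEntryTooLarge   = errors.New("tar entry exceeds per-entry budget")
	ErrArchiveTooLarge = errors.New("archive exceeds total decompressed budget")
)

// buildChartTgz constructs (for this example) a Helm-style chart archive in
// memory: a small Chart.yaml plus a zero-filled templates file of padSize
// bytes. Long runs of zeros deflate at roughly 1000:1, which is what keeps a
// tar bomb tiny on disk while inflating to padSize when read.
func buildChartTgz(padSize int) []byte {
	var buf bytes.Buffer
	gz := gzip.NewWriter(&buf)
	tw := tar.NewWriter(gz)
	add := func(name string, body []byte) {
		_ = tw.WriteHeader(&tar.Header{Name: name, Mode: 0o644, Size: int64(len(body)), Typeflag: tar.TypeReg})
		_, _ = tw.Write(body)
	}
	add("mychart/Chart.yaml", []byte("apiVersion: v2\nname: mychart\nversion: 0.1.0\n"))
	add("mychart/templates/big.yaml", make([]byte, padSize))
	_ = tw.Close()
	_ = gz.Close()
	return buf.Bytes()
}

// walkChart gunzips tgz and hands every regular file to read, recording how
// many bytes read returned. The security difference lives entirely in read.
func walkChart(tgz []byte, read func(*tar.Header, io.Reader) ([]byte, error)) (map[string]int, error) {
	gz, err := gzip.NewReader(bytes.NewReader(tgz))
	if err != nil {
		return nil, err
	}
	defer gz.Close()
	tr := tar.NewReader(gz)
	files := map[string]int{}
	for {
		hdr, err := tr.Next()
		if err == io.EOF {
			return files, nil
		}
		if err != nil {
			return nil, err
		}
		if hdr.Typeflag != tar.TypeReg {
			continue
		}
		b, err := read(hdr, tr)
		if err != nil {
			return nil, fmt.Errorf("%s: %w", hdr.Name, err)
		}
		files[hdr.Name] = len(b)
	}
}

// readUnbounded is the pre-0.71.0 pattern the advisory describes: io.ReadAll
// with no limit, so resident memory equals the decompressed entry size.
func readUnbounded(_ *tar.Header, r io.Reader) ([]byte, error) {
	return io.ReadAll(r)
}

// boundedReader returns an entry reader enforcing a per-entry budget and a
// running whole-archive budget. hdr.Size is rejected before any buffer is
// allocated; io.LimitReader caps the bytes actually read as defence in depth
// so the header's claim is never trusted on its own. Limits are illustrative.
func boundedReader(maxEntry, maxTotal int64) func(*tar.Header, io.Reader) ([]byte, error) {
	var total int64
	return func(hdr *tar.Header, r io.Reader) ([]byte, error) {
		if hdr.Size > maxEntry {
			return nil, fmt.Errorf("%d bytes: %w", hdr.Size, ErrEntryTooLarge)
		}
		if total += hdr.Size; total > maxTotal {
			return nil, fmt.Errorf("%d bytes so far: %w", total, ErrArchiveTooLarge)
		}
		// Ask for one byte past the budget: if it arrives, the entry delivered
		// more data than allowed and is rejected instead of buffered further.
		b, err := io.ReadAll(io.LimitReader(r, maxEntry+1))
		if err != nil {
			return nil, err
		}
		if int64(len(b)) > maxEntry {
			return nil, ErrEntryTooLarge
		}
		return b, nil
	}
}

func main() {
	tgz := buildChartTgz(16 << 20) // 16 MiB of zeros in a few tens of KiB
	fmt.Printf("compressed archive: %d bytes\n", len(tgz))
	files, _ := walkChart(tgz, readUnbounded)
	fmt.Printf("unbounded read buffered %d bytes\n", files["mychart/templates/big.yaml"])
	_, err := walkChart(tgz, boundedReader(8<<20, 64<<20))
	fmt.Println("bounded read:", err)
}
```

The per-entry check alone is not enough: an archive of many entries each just under the limit still adds up, which is why the closure also keeps a running total. In a scanner that never needs whole-file contents (for example, one that only parses YAML), streaming the entry through a decoder with io.LimitReader avoids buffering altogether.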
References (2)
x_refsource_confirm: https://github.com/aquasecurity/trivy/security/advisories/GHSA-q3fv-x8vg-qqm4
x_refsource_misc: https://github.com/aquasecurity/trivy/pull/10718
Scores
CVSS v3: 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Attack Vector: NETWORK
EPSS: 0.0025
EPSS Percentile: 16.2%
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: no
Technical Impact: partial
Details
CWE: CWE-770 (Allocation of Resources Without Limits or Throttling), CWE-789 (Memory Allocation with Excessive Size Value)
Status: published
Products (2)
aquasec/trivy: < 0.71.0
aquasecurity/trivy: < 0.71.0
Published: Jun 25, 2026
Tracked Since: Jun 25, 2026