github.com/anchore/syft
Ecosystem:
go
go
Package URL:
pkg:golang/github.com/anchore/syft
Total PRs:
419 Dependabot PRs
419 Dependabot PRs
Latest PR:
8 days ago
8 days ago
Unique Repositories:
53 repositories
53 repositories
Unique Repos (30 days):
1 repository
1 repository
Security Advisories
Syft improper temporary file cleanup
GHSA-rjcw-vg7j-m9rc
CVE-2026-33481
MODERATE
published 3 months ago
• updated 14 days ago
### Impact
Syft versions before v1.42.3 would not properly cleanup temporary storage if the temporary storage was exhausted during a scan. When sca...
Credential disclosure in syft when SYFT_ATTEST_PASSWORD environment variable set
GHSA-jp7v-3587-2956
CVE-2023-24827
MODERATE
published over 3 years ago
• updated 13 days ago
A password disclosure flaw was found in Syft versions v0.69.0 and v0.69.1. This flaw leaks the password stored in the SYFT_ATTEST_PASSWORD environm...
Recent PRs (filtered by: Major PRs )
deps(deps): bump github.com/anchore/syft from 0.98.0 to 1.29.0
danieleschmidt/provenance-graph-sbom-linker #7
0.98.0 → 1.29.0
Major PR
Closed
11 months ago
3 comments
chore(deps): bump the go-modules group across 1 directory with 76 updates
0.80.0 → 1.26.0
Major PR
Closed
about 1 year ago
1 comment
chore(deps): bump the go-modules group across 1 directory with 75 updates
0.80.0 → 1.26.0
Major PR
Closed
about 1 year ago
1 comment
chore(deps): bump the go-modules group with 69 updates
0.80.0 → 1.19.0
Major PR
Closed
about 1 year ago
1 comment
Package Details
| Name: | github.com/anchore/syft |
| Ecosystem: | go |
| PURL Type: | golang |
| Package URL: | pkg:golang/github.com/anchore/syft |
| JSON API: | View JSON |
Security Advisories
Package Information
Description:
| Repository: | https://github.com/anchore/syft |
| Homepage: | https://github.com/anchore/syft |
| Latest Release: |
v1.17.0
over 1 year ago |
| Dependent Repos: | 179 |
| Dependent Packages: | 217 |
| Ranking: | Top 0.4716% by dependent repos Top 0.3342% by dependent pkgs |