Skip to content

fix(deps): update module github.com/aquasecurity/trivy to v0.71.0 [security]#1256

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/go-github.com-aquasecurity-trivy-vulnerability
Open

fix(deps): update module github.com/aquasecurity/trivy to v0.71.0 [security]#1256
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/go-github.com-aquasecurity-trivy-vulnerability

Conversation

@renovate

@renovate renovate Bot commented Jul 18, 2026

Copy link
Copy Markdown

This PR contains the following updates:

Package Change Age Confidence
github.com/aquasecurity/trivy v0.68.0v0.71.0 age confidence

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Trivy: Helm chart tar bomb causes OOM via unbounded io.ReadAll in parser

CVE-2026-54448 / GHSA-q3fv-x8vg-qqm4

More information

Details

Summary

When Trivy scans a Helm chart archive (.tgz), its custom tar unpacker reads each entry with io.ReadAll(tr) and no size limit. An attacker who can place a malicious .tgz file in the scanned path can craft a small compressed archive that decompresses to gigabytes, causing the Trivy process to be killed by the OS OOM killer.

Affected configurations

Exploitation requires the attacker to place a crafted .tgz file in a location that Trivy will scan as a Helm chart. This applies to the following scan targets:

Command Condition
trivy config <dir> Directory contains a crafted .tgz Helm chart (misconfiguration scanning is always enabled)
trivy filesystem --scanners misconf <dir> Directory contains a crafted .tgz Helm chart and --scanners misconf is explicitly enabled
trivy image --scanners misconf <image> Image contains a crafted .tgz Helm chart and --scanners misconf is explicitly enabled

Realistic scenarios include:

  • A CI pipeline that runs trivy config . on a repository where a contributor can submit a pull request containing a crafted chart archive.
  • A pipeline that scans a container image with --scanners misconf, whose build context includes untrusted .tgz files.
Impact

An attacker who satisfies the conditions above can exhaust all available memory on the host running Trivy. The OS OOM killer will terminate the Trivy process and may affect other processes sharing the same host or CI runner.

The practical impact in CI environments is denial of service: the scan fails, the pipeline is blocked, and repeated submissions re-trigger the same condition. Cloud CI runners may also incur additional costs for consumed resources.

There is no impact on confidentiality or integrity of the scanned system.

Patches

Fixed in Trivy v0.71.0 (#​10718). The custom tar unpacker was replaced with archive.LoadArchiveFiles from the official helm.sh/helm/v4 SDK, which enforces per-entry and total size limits and validates archive structure. Users should upgrade to v0.71.0 or later.

Workarounds

If upgrading is not immediately possible:

  • Set a memory limit (cgroup/container) on the Trivy process to bound the blast radius.
  • Use --skip-dirs to exclude directories containing untrusted Helm chart archives from the scan.
  • Avoid scanning repositories or images with untrusted .tgz files.
Credits

Reported by @​jamesgol.

Severity

  • CVSS Score: 8.7 / 10 (High)
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


Release Notes

aquasecurity/trivy (github.com/aquasecurity/trivy)

v0.71.0

⚡ Highlights ⚡

👉 https://redirect.github.com/aquasecurity/trivy/discussions/10767

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0710-2026-06-01

v0.70.0

⚡ Highlights ⚡

👉 https://redirect.github.com/aquasecurity/trivy/discussions/10546

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0700-2026-04-16

v0.69.3

Changelog

  • 6fb20c8 release: v0.69.3 [release/v0.69] (#​10293)
  • dabefec fix(deps): bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5 [backport: release/v0.69] (#​10291)

v0.69.2

Changelog

  • cfa322e release: v0.69.2 [release/v0.69] (#​10266)
  • 86debce fix(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 [backport: release/v0.69] (#​10267)
  • cf3d4cd fix(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 [backport: release/v0.69] (#​10264)
  • 6dfd3b0 ci: remove apidiff workflow

v0.69.1

v0.69.0

v0.68.2

v0.68.1


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Copilot AI review requested due to automatic review settings July 18, 2026 00:07
@renovate
renovate Bot requested review from MR2011 and drochow as code owners July 18, 2026 00:07
@renovate

renovate Bot commented Jul 18, 2026

Copy link
Copy Markdown
Author

ℹ️ Artifact update notice

File name: scanner/keppel/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 11 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.26.0 -> 1.26.3
github.com/Masterminds/semver/v3 v3.4.0 -> v3.5.0
github.com/aquasecurity/trivy-db v0.0.0-20250929072116-eba1ced2340a -> v0.0.0-20251222105351-a833f47f8f0d
golang.org/x/mod v0.35.0 -> v0.36.0
golang.org/x/tools v0.44.0 -> v0.45.0
k8s.io/apimachinery v0.34.2 -> v0.36.1
k8s.io/klog/v2 v2.130.1 -> v2.140.0
k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 -> v0.0.0-20260319190234-28399d86e0b5
sigs.k8s.io/structured-merge-diff/v6 v6.3.1 -> v6.3.2
github.com/google/go-containerregistry v0.20.7 -> v0.21.6
github.com/package-url/packageurl-go v0.1.3 -> v0.1.6
k8s.io/client-go v0.34.2 -> v0.36.0

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Note

Copilot could not run the full agentic suite for this review because it was automatically requested on a bot-authored pull request. Request a review from Copilot under Reviewers to retry with the full agentic suite. Improved support for bot-authored pull requests is coming soon.

Updates the Keppel scanner’s Go module dependencies (notably Trivy and Kubernetes-related libs) and bumps the declared Go language/toolchain version.

Changes:

  • Bumped the module’s go version in go.mod.
  • Updated multiple dependencies (e.g., aquasecurity/trivy, container/K8s/OpenTelemetry ecosystem packages).
  • Regenerated go.sum to reflect the updated dependency graph.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File Description
scanner/keppel/go.mod Raises the declared Go version and updates/extends required module versions.
scanner/keppel/go.sum Syncs module checksums to the new dependency versions.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

6 participants