melange's world-writable permissions expose SBOM files to potential image tampering

Moderate severity GitHub Reviewed Published Jul 18, 2025 in chainguard-dev/melange • Updated Jul 18, 2025

No open alerts for this advisory

Give feedback on Dependabot alerts