This is a scan for Devguard CI/CD components in a GitLab project, aimed at testing whether these components function correctly.

 Devguard-Pipeline

0.12.0

0.8.2 attest

main

add/artifact-name-input

0.9.0

0.11.1 add-artifact-name-to-deploy

feautre/sarif-sbom-upload-components

add-first-party-scan-to-gitlap-pipeline

revert-c7057e5e

update-risk-management-default-value

timbastin-main-patch-95134

chore/adds-additional-env-flags

add-jobs-tags

HEAD

fix-attest.yaml

examples

Devguard-Pipeline

Badge API Documentation

Badge API

Badge API Programm ZenDiS

quay.io/jetstack/cert-manager-acmesolver

ghcr.io/l3montree-dev/devguard-operator

ghcr.io/l3montree-dev/devguard-postgresql

ghcr.io/l3montree-dev/devguard

docker.io/oryd/kratos

DevGuard Operator

Devguard Postgresql

devguard-scanner

devguard-documentation

devguard-web

devguard

devguard-action

Devguard

Robot User

Badge-API

Lars Hermges

Patrick Rissmann

Sebastian Kawelke

Tim Bastin

David Luhmer

Refaei Shikho

Frédéric Noppe

refoo0

timbastin

seb-kw

Frederic-Kenji

devguard-bot-dev[bot]

L3montree Cybersecurity

The scanner component of the devguard project

The documentation for the DevGuard Project

Manage your CVEs seamlessly, Integrate your Vulnerability Scanners, Documentation made easy, Compliance to security Frameworks - OWASP Incubating Project

When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped.

/Devguard
Group
/ Devguard-Pipeline
Repository

CVE-2025-4435

Reopen this vulnerability

Affected component