VYPR

apk package

chainguard/arangodb-3.11-compat

pkg:apk/chainguard/arangodb-3.11-compat

Vulnerabilities (3)

  • CVE-2025-15284Dec 29, 2025
    affected < 3.11.14.2-r3fixed 3.11.14.2-r3

    Improper Input Validation vulnerability in qs (parse modules) allows HTTP DoS.This issue affects qs: < 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation (a[]=1&a[]=2), only for indexed notation (a[0]=1). This is a consistency bug; arrayLim

  • CVE-2025-64718Nov 13, 2025
    affected < 3.11.14.1-r7fixed 3.11.14.1-r7

    js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (`__proto__`). All users who parse untrusted yaml documents may be impacted. T

  • CVE-2025-5889LowJun 9, 2025
    affected < 3.11.14-r3fixed 3.11.14-r3

    A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be l