VYPR

apk package

chainguard/azure-functions-extension-bundles-4

pkg:apk/chainguard/azure-functions-extension-bundles-4

Vulnerabilities (2)

  • CVE-2026-48109higJun 11, 2026
    affected < 4.36.0-r1fixed 4.36.0-r1

    ### Impact A vulnerability exists in the optional LZ4 decompression path used by MessagePack compression modes `Lz4Block` and `Lz4BlockArray`. The decoder implementation is based on a deprecated fast-decompression algorithm that does not take a source-length bound. A remote att

  • CVE-2025-55315Oct 14, 2025
    affected < 4.28.0-r1fixed 4.28.0-r1

    Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.