apk package
chainguard/cadence-cassandra-tool
pkg:apk/chainguard/cadence-cassandra-tool
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-27140 | Hig | 8.8 | < 1.4.0-r8 | 1.4.0-r8 | Apr 8, 2026 | SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass. | |
| CVE-2016-5397 | — | < 1.4.0-r3 | 1.4.0-r3 | Feb 12, 2018 | The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0. |
- affected < 1.4.0-r8fixed 1.4.0-r8
SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.
- CVE-2016-5397Feb 12, 2018affected < 1.4.0-r3fixed 1.4.0-r3
The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0.
Page 2 of 2