VYPR

apk package

chainguard/chainloop-cli

pkg:apk/chainguard/chainloop-cli

Vulnerabilities (42)

  • CVE-2026-32285HigMar 26, 2026
    affected < 1.83.0-r1fixed 1.83.0-r1

    The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.

  • CVE-2026-33186CriMar 20, 2026
    affected < 1.83.0-r0fixed 1.83.0-r0

    gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omi

Page 3 of 3