VYPR

apk package

chainguard/consul-2.0

pkg:apk/chainguard/consul-2.0

Vulnerabilities (2)

  • CVE-2026-39883HigApr 8, 2026
    affected < 2.0.1-r1fixed 2.0.1-r1

    OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2026-24051 changed the Darwin ioreg command to use an absolute path but left the BSD kenv command using a bare name, allowing the same PATH hijacking attack on BSD and Solaris platf

  • CVE-2026-39882MedApr 8, 2026
    affected < 0fixed 0

    OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to 1.43.0, the otlp HTTP exporters (traces/metrics/logs) read the full HTTP response body into an in-memory bytes.Buffer without a size cap. This is exploitable for memory exhaustion when the configured collector e

VYPR — Vulnerability Intelligence