VYPR

apk package

chainguard/consul-k8s-fips-2.0-cli

pkg:apk/chainguard/consul-k8s-fips-2.0-cli

Vulnerabilities (7)

  • CVE-2026-50162modJul 1, 2026
    affected < 2.0.1-r3fixed 2.0.1-r3

    oras-go: oras-go: File store write outside working directory via symlink traversal

  • CVE-2026-50151modJul 1, 2026
    affected < 2.0.1-r3fixed 2.0.1-r3

    oras-go: oras-go: Credential forwarding via unvalidated Location header during blob upload

  • CVE-2026-48978lowJul 1, 2026
    affected < 2.0.1-r3fixed 2.0.1-r3

    oras-go: oras-go: Information disclosure and TLS downgrade via malicious registry realm

  • CVE-2026-53492higJun 19, 2026
    affected < 2.0.1-r2fixed 2.0.1-r2

    ### Impact containerd's CRI implementation improperly trusts Container Device Interface (CDI) annotations found within untrusted checkpoint image metadata during container restoration. When restoring a container from a checkpoint, containerd preserves CDI-related annotations fro

  • CVE-2026-53489higJun 19, 2026
    affected < 2.0.1-r2fixed 2.0.1-r2

    ### Impact A bug was found in containerd where the CRI plugin restores `container.log` from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via `kubectl logs`. ### Patches This bug has been fixed in the following

  • CVE-2026-53488higJun 19, 2026
    affected < 2.0.0-r3fixed 2.0.0-r3

    ### Impact A bug was found in containerd where the CRI plugin propagates labels from an image config (`LABEL` instruction in Dockerfile) to a container without validation. This may result in executing an arbitrary command on the host, via a plugin that consumes container labels f

  • CVE-2026-47262Jun 19, 2026
    affected < 2.0.0-r3fixed 2.0.0-r3

    ### Impact A vulnerability in containerd allows a maliciously crafted image to cause a Denial of Service (DoS) condition. When creating a container from this image, memory exhaustion occurs, leading to an Out Of Memory (OOM) kill of the containerd process. This renders the contai