VYPR

apk package

chainguard/datadog-agent-7.79

pkg:apk/chainguard/datadog-agent-7.79

Vulnerabilities (5)

  • CVE-2026-53488higJun 19, 2026
    affected < 7.79.2-r5fixed 7.79.2-r5

    ### Impact A bug was found in containerd where the CRI plugin propagates labels from an image config (`LABEL` instruction in Dockerfile) to a container without validation. This may result in executing an arbitrary command on the host, via a plugin that consumes container labels f

  • CVE-2026-47262Jun 19, 2026
    affected < 7.79.2-r5fixed 7.79.2-r5

    ### Impact A vulnerability in containerd allows a maliciously crafted image to cause a Denial of Service (DoS) condition. When creating a container from this image, memory exhaustion occurs, leading to an Out Of Memory (OOM) kill of the containerd process. This renders the contai

  • CVE-2026-45409MedJun 5, 2026
    affected < 7.79.2-r2fixed 7.79.2-r2

    Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as `"\u0660" * N` or `"\u30fb" * N + "\u6f22"` utilize t

  • CVE-2026-44432HigMay 13, 2026
    affected < 7.79.2-r2fixed 7.79.2-r2

    urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion (1) during the second HTTPResponse.read(amt=N) call when the response was decompressed using the official Brotli library or (2) w

  • CVE-2026-44431MedMay 13, 2026
    affected < 7.79.2-r2fixed 7.79.2-r2

    urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0.