VYPR

apk package

chainguard/debezium-connector-spanner-3.0

pkg:apk/chainguard/debezium-connector-spanner-3.0

Vulnerabilities (4)

  • CVE-2025-48924Jul 11, 2025
    affected < 3.0.8-r7fixed 3.0.8-r7

    Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass(...) can throw StackOverflowErr

  • CVE-2025-27817Jun 10, 2025
    affected < 3.0.8-r5fixed 3.0.8-r5

    A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwk

  • CVE-2023-2976Jun 14, 2023
    affected < 3.0.4-r2fixed 3.0.4-r2

    Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to

  • CVE-2020-8908Dec 10, 2020
    affected < 3.0.4-r2fixed 3.0.4-r2

    A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the