VYPR

apk package

chainguard/elasticsearch-fips-8.17-config

pkg:apk/chainguard/elasticsearch-fips-8.17-config

Vulnerabilities (2)

  • CVE-2025-67735Dec 16, 2025
    affected < 8.17.10-r3fixed 8.17.10-r3

    Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.129.Final and 4.2.8.Final, the `io.netty.handler.codec.http.HttpRequestEncoder` has a CRLF injection with the request URI when constructing a request. This leads to request smuggling wh

  • CVE-2025-8916MedAug 13, 2025
    affected < 8.17.10-r1fixed 8.17.10-r1

    Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All (API modules), Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All (API m