VYPR

apk package

chainguard/elasticsearch-fips-9.1

pkg:apk/chainguard/elasticsearch-fips-9.1

Vulnerabilities (22)

  • CVE-2025-55163Aug 13, 2025
    affected < 9.1.3-r0fixed 9.1.3-r0

    Netty is an asynchronous, event-driven network application framework. Prior to versions 4.1.124.Final and 4.2.4.Final, Netty is vulnerable to MadeYouReset DDoS. This is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to break the

  • CVE-2025-48924Jul 11, 2025
    affected < 9.1.3-r0fixed 9.1.3-r0

    Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass(...) can throw StackOverflowErr

Page 2 of 2