VYPR

apk package

chainguard/emsdk

pkg:apk/chainguard/emsdk

Vulnerabilities (5)

  • CVE-2025-5889LowJun 9, 2025
    affected < 5.0.0-r1fixed 5.0.0-r1

    A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be l

  • CVE-2024-7254HigSep 19, 2024
    affected < 5.0.0-r1fixed 5.0.0-r1

    Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf

  • CVE-2022-3510HigDec 12, 2022
    affected < 5.0.0-r1fixed 5.0.0-r1

    A parsing issue similar to CVE-2022-3171, but with Message-Type Extensions in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeat

  • CVE-2022-3509HigDec 12, 2022
    affected < 5.0.0-r1fixed 5.0.0-r1

    A parsing issue similar to CVE-2022-3171, but with textformat in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown

  • CVE-2022-3171MedOct 12, 2022
    affected < 5.0.0-r1fixed 5.0.0-r1

    A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be