VYPR

apk package

chainguard/gitlab-rails-ce-fips-18.10

pkg:apk/chainguard/gitlab-rails-ce-fips-18.10

Vulnerabilities (61)

  • CVE-2026-47242Jun 9, 2026
    affected < 18.10.8-r2fixed 18.10.8-r2

    ### Summary Two `Net::IMAP` commands, `#id` and `#enable`, do not validate their arguments. Arguments to either command could be used by an attacker to inject arbitrary IMAP commands. Please note that passing untrusted inputs to these commands is usually inappropriate and expe

  • CVE-2026-47241lowJun 9, 2026
    affected < 18.10.8-r2fixed 18.10.8-r2

    ### Summary Several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled input, an attacker can force the next command to be absorbed as a continuation of the fir

  • CVE-2026-47240Jun 9, 2026
    affected < 18.10.8-r2fixed 18.10.8-r2

    Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbitrary IMAP commands inside non-synchronizing lite

  • CVE-2026-47737higJun 9, 2026
    affected < 18.10.8-r1fixed 18.10.8-r1

    ### Impact Puma is vulnerable to source IP spoofing when `set_remote_address proxy_protocol: :v1` is enabled and persistent connections are used. PROXY protocol v1 is a connection-level protocol. [Support was added to Puma in v5.5.0](https://github.com/puma/puma/issues/2651). A

  • CVE-2026-47736higJun 8, 2026
    affected < 18.10.8-r1fixed 18.10.8-r1

    ### Impact [PROXY protocol support for Puma](https://github.com/puma/puma/issues/2651) was added in version 5.5.0. When PROXY protocol v1 support is enabled, Puma reads incoming bytes into an internal buffer. It waits for "\r\n" to determine whether a PROXY v1 line is present.

  • CVE-2026-42507MedJun 2, 2026
    affected < 18.10.7-r1fixed 18.10.7-r1

    When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged.

  • CVE-2026-42504HigJun 2, 2026
    affected < 0fixed 0

    Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU.

  • CVE-2026-27145MedJun 2, 2026
    affected < 18.10.7-r1fixed 18.10.7-r1

    (*x509.Certificate).VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratic

  • CVE-2026-44740MedJun 1, 2026
    affected < 18.10.6-r1fixed 18.10.6-r1

    Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, multiple components may improperly handle crafted or malformed input, resulting in panics, infinite loops, uncontrolled recursion, or excessive resource consumption. These issues arise

  • CVE-2026-44973HigMay 28, 2026
    affected < 18.10.6-r1fixed 18.10.6-r1

    Billy is an interface filesystem abstraction for Go. Prior to 5.9.0, multiple path traversal issues exist across different components of go-billy. Insufficient path sanitization and boundary enforcement may allow crafted paths (e.g., using ..) to escape intended base directories.

  • CVE-2026-45571MedMay 27, 2026
    affected < 18.10.6-r2fixed 18.10.6-r2

    go-git is an extensible git implementation library written in pure Go. Prior to 5.19.1 and 6.0.0-alpha.4, a path validation issue in go-git could allow crafted repository data to affect files outside the intended checkout target, including the repository's .git directory. These v

  • CVE-2026-45570CriMay 27, 2026
    affected < 18.10.6-r2fixed 18.10.6-r2

    go-git is an extensible git implementation library written in pure Go. Prior to 5.19.1 and 6.0.0-alpha.4, go-git's SSH transport constructs the remote exec command by wrapping the repository path in single quotes without escaping single quotes embedded inside the path. A reposito

  • CVE-2026-45022HigMay 27, 2026
    affected < 18.10.6-r1fixed 18.10.6-r1

    go-git is an extensible git implementation library written in pure Go. Prior to 5.19.0 and 6.0.0-alpha.3, go-git may parse malformed Git objects in a way that differs from upstream Git. When commit or tag objects contain ambiguous or malformed headers, go-git’s decoded representa

  • CVE-2026-46680higMay 21, 2026
    affected < 18.10.6-r3fixed 18.10.6-r3

    ### Impact A bug was found in containerd where containers launched with a numeric `User` directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username. If a crafted image provides an `/etc/passwd` file mapping this large numeric string to root, the con

  • CVE-2026-45363higMay 18, 2026
    affected < 18.10.8-r0fixed 18.10.8-r0

    `JWT.decode(token, '', true, algorithm: 'HS256')` accepts an attacker-forged token. `OpenSSL::HMAC.digest('SHA256', '', payload)` returns a valid digest under an empty key, and no `raise InvalidKeyError if key.empty?` precondition exists in the HMAC algorithm. ``` JWT.decode(t

  • CVE-2026-41888MedMay 14, 2026
    affected < 18.10.4-r1fixed 18.10.4-r1

    Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.1, tag deletion via the DELETE /v2//manifests/ endpoint bypasses the storage.delete.enabled: false configuration, allowing any API client to remove tags from repositories even w

  • CVE-2026-42258CriMay 9, 2026
    affected < 18.10.4-r1fixed 18.10.4-r1

    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This issu

  • CVE-2026-42257CriMay 9, 2026
    affected < 18.10.4-r1fixed 18.10.4-r1

    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived fro

  • CVE-2026-42256MedMay 9, 2026
    affected < 18.10.4-r1fixed 18.10.4-r1

    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a com

  • CVE-2026-42246HigMay 9, 2026
    affected < 18.10.4-r1fixed 18.10.4-r1

    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAP#starttls to return "successfully", without starting TLS. This issue has been patched in

Page 1 of 4