VYPR

apk package

chainguard/gitlab-toolbox-ce-fips-18.10

pkg:apk/chainguard/gitlab-toolbox-ce-fips-18.10

Vulnerabilities (2)

  • CVE-2026-47265HigJun 2, 2026
    affected < 18.10.7-r2fixed 18.10.7-r2

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, cookies set with the `cookies` parameter on requests are sent after following a cross-origin redirect. If a developer uses the `cookies` parameter on a per-request basis then

  • CVE-2026-34993MedJun 2, 2026
    affected < 18.10.7-r2fixed 18.10.7-r2

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, using ``CookieJar.load()`` with untrusted input may allow arbitrary code execution. Most applications using this function will be doing so with the user's own data, so this is