apk package

chainguard/gogatekeeper

pkg:apk/chainguard/gogatekeeper

Vulnerabilities (22)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2025-4673	Med	6.8		< 3.4.0-r1	3.4.0-r1	Jun 11, 2025	Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
CVE-2025-22874	Hig	7.5		< 3.4.0-r1	3.4.0-r1	Jun 11, 2025	Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.

CVE-2025-4673MedJun 11, 2025
affected < 3.4.0-r1fixed 3.4.0-r1
Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
CVE-2025-22874HigJun 11, 2025
affected < 3.4.0-r1fixed 3.4.0-r1
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.

Page 2 of 2