VYPR

apk package

chainguard/haproxy-ingress-fips-0.16

pkg:apk/chainguard/haproxy-ingress-fips-0.16

Vulnerabilities (43)

  • CVE-2026-32280HigApr 8, 2026
    affected < 0.16.1-r1fixed 0.16.1-r1

    During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls

  • CVE-2026-27140HigApr 8, 2026
    affected < 0.16.1-r1fixed 0.16.1-r1

    SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.

  • CVE-2026-29181HigApr 7, 2026
    affected < 0.16.0-r2fixed 0.16.0-r2

    OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.36.0 to 1.40.0, multi-value baggage: header extraction parses each header field-value independently and aggregates members across values. This allows an attacker to amplify cpu and allocations by sending many bagg

Page 3 of 3