VYPR

apk package

chainguard/kibana-9-bitnami

pkg:apk/chainguard/kibana-9-bitnami

Vulnerabilities (4)

  • CVE-2025-7783CriJul 18, 2025
    affected < 9.0.4-r0fixed 9.0.4-r0

    Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js. This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.

  • CVE-2025-5889LowJun 9, 2025
    affected < 9.0.2-r3fixed 9.0.2-r3

    A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be l

  • CVE-2025-48387HigJun 2, 2025
    affected < 9.0.2-r1fixed 9.0.2-r1

    tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.0.9, 2.1.3, and 1.16.5 have an issue where an extract can write outside the specified dir with a specific tarball. This has been patched in versions 3.0.9, 2.1.3, and 1.16.5. As a workaround, use the ignore o

  • CVE-2025-47934HigMay 19, 2025
    affected < 9.0.2-r0fixed 9.0.2-r0

    OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. Startinf in version 5.0.1 and prior to versions 5.11.3 and 6.1.1, a maliciously modified message can be passed to either `openpgp.verify` or `openpgp.decrypt`, causing these functions to return a valid signature v