VYPR

apk package

chainguard/kustomize-sops

pkg:apk/chainguard/kustomize-sops

Vulnerabilities (2)

  • CVE-2025-27144MedFeb 24, 2025
    affected < 4.3.3-r2fixed 4.3.3-r2

    Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when par

  • CVE-2025-22866MedFeb 6, 2025
    affected < 4.3.3-r1fixed 4.3.3-r1

    Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recover