VYPR

apk package

chainguard/kyverno-cleanup-controller-fips-1.16

pkg:apk/chainguard/kyverno-cleanup-controller-fips-1.16

Vulnerabilities (42)

  • CVE-2025-66564Dec 4, 2025
    affected < 1.16.3-r1fixed 1.16.3-r1

    Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits (via a call to strings.Split) an optionally-provided OID (which is untrusted data) on periods. Similarly, function api.getContentType splits t

  • CVE-2025-66506Dec 4, 2025
    affected < 1.16.2-r1fixed 1.16.2-r1

    Fulcio is a free-to-use certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.3, function identity.extractIssuerURL splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in th

Page 3 of 3