VYPR

apk package

chainguard/lakekeeper

pkg:apk/chainguard/lakekeeper

Vulnerabilities (1)

  • CVE-2026-25537Feb 4, 2026
    affected < 0.12.1-r0fixed 0.12.1-r0

    jsonwebtoken is a JWT lib in rust. Prior to version 10.3.0, there is a Type Confusion vulnerability in jsonwebtoken, specifically, in its claim validation logic. When a standard claim (such as nbf or exp) is provided with an incorrect JSON type (Like a String instead of a Number)