VYPR

apk package

chainguard/ldap2pg

pkg:apk/chainguard/ldap2pg

Vulnerabilities (2)

  • CVE-2026-41889CriMay 8, 2026
    affected < 6.5.1-r1fixed 6.5.1-r1

    pgx is a PostgreSQL driver and toolkit for Go. Prior to version 5.9.2, SQL injection can occur when the non-default simple protocol is used, a dollar quoted string literal is used in the SQL query, that string literal contains text that would be would be interpreted as a placehol

  • CVE-2026-32952MedApr 24, 2026
    affected < 6.5.1-r1fixed 6.5.1-r1

    go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can causes an slice out of bounds panic, which can crash any Go process using `ntlmssp.Negotiator` as an HTTP transport. Version 0.1.1 patc