VYPR

apk package

chainguard/liquibase

pkg:apk/chainguard/liquibase

Vulnerabilities (2)

  • CVE-2025-48924Jul 11, 2025
    affected < 4.33.0-r1fixed 4.33.0-r1

    Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass(...) can throw StackOverflowErr

  • CVE-2025-49146Jun 11, 2025
    affected < 4.32.0-r3fixed 4.32.0-r3

    pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required (default value is prefer), the driver would incorrectly allow connections to proceed with authentication methods that