apk package
chainguard/mattermost-fips-11.8
pkg:apk/chainguard/mattermost-fips-11.8
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-46602 | — | < 11.8.2-r2 | 11.8.2-r2 | Jun 27, 2026 | The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption. | ||
| CVE-2026-46601 | mod | 6.5 | < 11.8.2-r2 | 11.8.2-r2 | Jun 25, 2026 | golang.org/x/image/webp: golang.org/x/image/webp: Denial of Service via malformed VP8 chunk in WebP images | |
| CVE-2026-33813 | Hig | 7.5 | < 11.8.2-r1 | 11.8.2-r1 | Apr 21, 2026 | Parsing a WEBP image with an invalid, large size panics on 32-bit platforms. |
- CVE-2026-46602Jun 27, 2026affected < 11.8.2-r2fixed 11.8.2-r2
The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption.
- affected < 11.8.2-r2fixed 11.8.2-r2
golang.org/x/image/webp: golang.org/x/image/webp: Denial of Service via malformed VP8 chunk in WebP images
- affected < 11.8.2-r1fixed 11.8.2-r1
Parsing a WEBP image with an invalid, large size panics on 32-bit platforms.