apk package
chainguard/mycli
pkg:apk/chainguard/mycli
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-39892 | Cri | 9.8 | < 1.68.1-r0 | 1.68.1-r0 | Apr 8, 2026 | cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers (e.g. Hash.update()), this could lead to buffer overflows. This vulner | |
| CVE-2026-34073 | Med | 5.3 | < 1.67.1-r0 | 1.67.1-r0 | Mar 31, 2026 | cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently | |
| CVE-2026-4539 | Low | 3.3 | < 1.67.1-r1 | 1.67.1-r1 | Mar 22, 2026 | A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit | |
| CVE-2023-44690 | — | < 0 | 0 | Oct 19, 2023 | Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /mycli/config.py |
- affected < 1.68.1-r0fixed 1.68.1-r0
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers (e.g. Hash.update()), this could lead to buffer overflows. This vulner
- affected < 1.67.1-r0fixed 1.67.1-r0
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently
- affected < 1.67.1-r1fixed 1.67.1-r1
A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit
- CVE-2023-44690Oct 19, 2023affected < 0fixed 0
Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /mycli/config.py