VYPR

apk package

chainguard/nacos-compat

pkg:apk/chainguard/nacos-compat

Vulnerabilities (4)

  • CVE-2025-61795MedOct 27, 2025
    affected < 3.1.0-r2fixed 3.1.0-r2

    Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage co

  • CVE-2025-11226MedOct 1, 2025
    affected < 3.1.0-r1fixed 3.1.0-r1

    ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.18 in Java applications, allows an attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment varia

  • CVE-2025-41249HigSep 16, 2025
    affected < 3.1.0-r0fixed 3.1.0-r0

    The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application m

  • CVE-2025-41248HigSep 16, 2025
    affected < 3.1.0-r0fixed 3.1.0-r0

    The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue when using @PreAuthorize and other method security annotations, resulting in a