VYPR

apk package

chainguard/nerdctl-fips

pkg:apk/chainguard/nerdctl-fips

Vulnerabilities (66)

  • CVE-2025-52881Nov 6, 2025
    affected < 2.2.0-r0fixed 2.2.0-r0

    runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts (we have

  • CVE-2024-25621Nov 6, 2025
    affected < 2.2.0-r0fixed 2.2.0-r0

    containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd

  • CVE-2025-47907Aug 7, 2025
    affected < 2.1.3-r4fixed 2.1.3-r4

    Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the ex

  • CVE-2025-54388Jul 30, 2025
    affected < 2.1.3-r2fixed 2.1.3-r2

    Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables

  • CVE-2025-4673MedJun 11, 2025
    affected < 2.1.2-r1fixed 2.1.2-r1

    Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.

  • CVE-2025-22874HigJun 11, 2025
    affected < 2.1.2-r1fixed 2.1.2-r1

    Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.

Page 4 of 4