apk package

chainguard/node-feature-discovery-fips-0.16-worker

pkg:apk/chainguard/node-feature-discovery-fips-0.16-worker

Vulnerabilities (27)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-47912		—	< 0.16.9-r1	0.16.9-r1	Oct 29, 2025	The Parse function permits values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: "http://[::1]/". IPv4 addresse
CVE-2025-61723		—	< 0.16.9-r1	0.16.9-r1	Oct 29, 2025	The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs.
CVE-2025-58189		—	< 0.16.9-r1	0.16.9-r1	Oct 29, 2025	When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information (the ALPN protocols sent by the client) which is not escaped.
CVE-2025-58187		—	< 0.16.9-r1	0.16.9-r1	Oct 29, 2025	Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains.
CVE-2025-47907		—	< 0.16.8-r2	0.16.8-r2	Aug 7, 2025	Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the ex
CVE-2025-1767	Med	6.5	< 0	0	Mar 13, 2025	This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using t
CVE-2025-22868		—	< 0.16.8-r1	0.16.8-r1	Feb 26, 2025	An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

CVE-2025-47912Oct 29, 2025
affected < 0.16.9-r1fixed 0.16.9-r1
The Parse function permits values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: "http://[::1]/". IPv4 addresse
CVE-2025-61723Oct 29, 2025
affected < 0.16.9-r1fixed 0.16.9-r1
The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs.
CVE-2025-58189Oct 29, 2025
affected < 0.16.9-r1fixed 0.16.9-r1
When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information (the ALPN protocols sent by the client) which is not escaped.
CVE-2025-58187Oct 29, 2025
affected < 0.16.9-r1fixed 0.16.9-r1
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains.
CVE-2025-47907Aug 7, 2025
affected < 0.16.8-r2fixed 0.16.8-r2
Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the ex
CVE-2025-1767MedMar 13, 2025
affected < 0fixed 0
This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using t
CVE-2025-22868Feb 26, 2025
affected < 0.16.8-r1fixed 0.16.8-r1
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

Page 2 of 2