VYPR

apk package

chainguard/pgadmin4

pkg:apk/chainguard/pgadmin4

Vulnerabilities (45)

  • CVE-2024-21538HigNov 8, 2024
    affected < 9.1-r1fixed 9.1-r1

    Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted

  • CVE-2022-25881MedJan 31, 2023
    affected < 9.1-r1fixed 9.1-r1

    This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.

  • CVE-2022-33987MedJun 18, 2022
    affected < 9.1-r1fixed 9.1-r1

    The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.

  • CVE-2021-43307MedJun 2, 2022
    affected < 9.1-r1fixed 9.1-r1

    An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test() method

  • CVE-2021-3795HigSep 15, 2021
    affected < 9.1-r1fixed 9.1-r1

    semver-regex is vulnerable to Inefficient Regular Expression Complexity

Page 3 of 3