VYPR

apk package

chainguard/prometheus-podman-exporter-fips

pkg:apk/chainguard/prometheus-podman-exporter-fips

Vulnerabilities (64)

  • CVE-2025-47907Aug 7, 2025
    affected < 1.17.2-r2fixed 1.17.2-r2

    Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the ex

  • CVE-2025-6032HigJun 24, 2025
    affected < 1.17.1-r1fixed 1.17.1-r1

    A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.

  • CVE-2025-22872MedApr 16, 2025
    affected < 1.16.0-r1fixed 1.16.0-r1

    The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can resul

  • CVE-2025-22871CriApr 8, 2025
    affected < 1.16.0-r0fixed 1.16.0-r0

    The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

Page 4 of 4