VYPR

apk package

chainguard/redpanda-console

pkg:apk/chainguard/redpanda-console

Vulnerabilities (23)

  • CVE-2026-39827MedMay 22, 2026
    affected < 3.7.3-r2fixed 3.7.3-r2

    An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state

  • CVE-2026-41506MedMay 8, 2026
    affected < 3.7.1-r1fixed 3.7.1-r1

    go-git is an extensible git implementation library written in pure Go. Prior to versions 5.18.0 and 6.0.0-alpha.2, go-git may leak HTTP authentication credentials when following redirects during smart-HTTP clone and fetch operations. This issue has been patched in versions 5.18.0

  • CVE-2026-33814HigMay 7, 2026
    affected < 0fixed 0

    When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.

Page 2 of 2