VYPR

apk package

chainguard/reports-server-compat

pkg:apk/chainguard/reports-server-compat

Vulnerabilities (4)

  • CVE-2025-66506Dec 4, 2025
    affected < 0.1.5-r0fixed 0.1.5-r0

    Fulcio is a free-to-use certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.3, function identity.extractIssuerURL splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in th

  • CVE-2025-47281Jul 23, 2025
    affected < 0fixed 0

    Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service (DoS) vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno polici

  • CVE-2025-46342Apr 30, 2025
    affected < 0fixed 0

    Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace selector(s) in their match statements are mistakenly not applied during admission review request processing due to

  • CVE-2024-48921Oct 29, 2024
    affected < 0fixed 0

    Kyverno is a policy engine designed for Kubernetes. A kyverno ClusterPolicy, ie. "disallow-privileged-containers," can be overridden by the creation of a PolicyException in a random namespace. By design, PolicyExceptions are consumed from any namespace. Administrators may not rec