apk package
chainguard/rke2-runtime-1.34-charts
pkg:apk/chainguard/rke2-runtime-1.34-charts
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68156 | — | < 1.34.3.2.1-r0 | 1.34.3.2.1-r0 | Dec 16, 2025 | Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including `flatten`, `min`, `max`, `mean`, and `median`, perform recursive traversal over user-provided data structures without enforcing a maximum recursi | ||
| CVE-2025-67499 | — | < 1.34.2.2.1-r1 | 1.34.2.2.1-r1 | Dec 9, 2025 | The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. Versions 1.6.0 through 1.8.0 inadvertently forward all traffic with the same destination port as the host port when the portmap plugin is configured with the nftabl | ||
| CVE-2025-54410 | — | < 1.34.2.2.1-r4 | 1.34.2.2.1-r4 | Jul 30, 2025 | Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fail | ||
| CVE-2024-36623 | — | < 1.34.2.2.1-r4 | 1.34.2.2.1-r4 | Nov 29, 2024 | moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes. |
- CVE-2025-68156Dec 16, 2025affected < 1.34.3.2.1-r0fixed 1.34.3.2.1-r0
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including `flatten`, `min`, `max`, `mean`, and `median`, perform recursive traversal over user-provided data structures without enforcing a maximum recursi
- CVE-2025-67499Dec 9, 2025affected < 1.34.2.2.1-r1fixed 1.34.2.2.1-r1
The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. Versions 1.6.0 through 1.8.0 inadvertently forward all traffic with the same destination port as the host port when the portmap plugin is configured with the nftabl
- CVE-2025-54410Jul 30, 2025affected < 1.34.2.2.1-r4fixed 1.34.2.2.1-r4
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fail
- CVE-2024-36623Nov 29, 2024affected < 1.34.2.2.1-r4fixed 1.34.2.2.1-r4
moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes.