apk package
chainguard/rke2-runtime-fips-1.32
pkg:apk/chainguard/rke2-runtime-fips-1.32
Vulnerabilities (25)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-27144 | Hig | 7.1 | < 1.32.13.2.1-r1 | 1.32.13.2.1-r1 | Apr 8, 2026 | The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime. | |
| CVE-2026-27143 | Cri | 9.8 | < 1.32.13.2.1-r1 | 1.32.13.2.1-r1 | Apr 8, 2026 | Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption. | |
| CVE-2026-27140 | Hig | 8.8 | < 1.32.13.2.1-r1 | 1.32.13.2.1-r1 | Apr 8, 2026 | SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass. | |
| CVE-2026-33817 | — | < 1.32.13.2.1-r0 | 1.32.13.2.1-r0 | Apr 6, 2026 | Rejected reason: CVE confirmed to be a false positive | ||
| CVE-2025-15558 | — | < 1.32.13.2.2-r0 | 1.32.13.2.2-r0 | Mar 4, 2026 | Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are |
- affected < 1.32.13.2.1-r1fixed 1.32.13.2.1-r1
The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime.
- affected < 1.32.13.2.1-r1fixed 1.32.13.2.1-r1
Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption.
- affected < 1.32.13.2.1-r1fixed 1.32.13.2.1-r1
SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.
- CVE-2026-33817Apr 6, 2026affected < 1.32.13.2.1-r0fixed 1.32.13.2.1-r0
Rejected reason: CVE confirmed to be a false positive
- CVE-2025-15558Mar 4, 2026affected < 1.32.13.2.2-r0fixed 1.32.13.2.2-r0
Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are
Page 2 of 2