VYPR

apk package

chainguard/sdp-device-id-service

pkg:apk/chainguard/sdp-device-id-service

Vulnerabilities (2)

  • CVE-2024-12224May 30, 2025
    affected < 1.3.6-r1fixed 1.3.6-r1

    Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname.

  • CVE-2025-24898MedFeb 3, 2025
    affected < 1.3.7-r5fixed 1.3.7-r5

    rust-openssl is a set of OpenSSL bindings for the Rust programming language. In affected versions `ssl::select_next_proto` can return a slice pointing into the `server` argument's buffer but with a lifetime bound to the `client` argument. In situations where the `sever` buffer's