VYPR

apk package

chainguard/tekton-pipelines-controller-fips-1.6

pkg:apk/chainguard/tekton-pipelines-controller-fips-1.6

Vulnerabilities (42)

  • CVE-2026-24051HigFeb 2, 2026
    affected < 1.6.0-r4fixed 1.6.0-r4

    OpenTelemetry-Go is the Go implementation of OpenTelemetry. The OpenTelemetry Go SDK in version v1.20.0-1.39.0 is vulnerable to Path Hijacking (Untrusted Search Paths) on macOS/Darwin systems. The resource detection code in sdk/resource/host_id.go executes the ioreg system comman

  • CVE-2026-24137MedJan 23, 2026
    affected < 1.6.0-r1fixed 1.6.0-r1

    sigstore framework is a common go library shared across sigstore services and clients. In versions 1.10.3 and below, the legacy TUF client (pkg/tuf/client.go) supports caching target files to disk. It constructs a filesystem path by joining a cache base directory with a target na

Page 3 of 3