apk package
chainguard/terraform-ls
pkg:apk/chainguard/terraform-ls
Vulnerabilities (42)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-58181 | — | < 0.38.2-r2 | 0.38.2-r2 | Nov 19, 2025 | SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption. | ||
| CVE-2025-58187 | — | < 0.38.2-r1 | 0.38.2-r1 | Oct 29, 2025 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains. |
- CVE-2025-58181Nov 19, 2025affected < 0.38.2-r2fixed 0.38.2-r2
SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.
- CVE-2025-58187Oct 29, 2025affected < 0.38.2-r1fixed 0.38.2-r1
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains.
Page 3 of 3