VYPR

apk package

chainguard/terraform-provider-acme

pkg:apk/chainguard/terraform-provider-acme

Vulnerabilities (43)

  • CVE-2025-22872MedApr 16, 2025
    affected < 2.32.0-r0fixed 2.32.0-r0

    The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can resul

  • CVE-2025-22871CriApr 8, 2025
    affected < 2.31.0-r2fixed 2.31.0-r2

    The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

  • CVE-2025-22868Feb 26, 2025
    affected < 2.31.0-r1fixed 2.31.0-r1

    An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

Page 3 of 3