VYPR

apk package

chainguard/yara-x

pkg:apk/chainguard/yara-x

Vulnerabilities (22)

  • CVE-2025-53605MedJul 5, 2025
    affected < 0.13.0-r2fixed 0.13.0-r2

    The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.

  • CVE-2025-4574MedMay 13, 2025
    affected < 0.14.0-r2fixed 0.14.0-r2

    In crossbeam-channel rust crate, the internal `Channel` type's `Drop` method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption.

Page 2 of 2