VYPR

apk package

chainguard/ztunnel-fips-1.30

pkg:apk/chainguard/ztunnel-fips-1.30

Vulnerabilities (1)

  • CVE-2026-45784May 19, 2026
    affected < 1.30.0-r2fixed 1.30.0-r2

    `CipherCtxRef::cipher_update_inplace` incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers (EVP_aes_{128,192,256}_wrap_pad). For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-con