apk package
wolfi/cilium-1.19-hubble-relay
pkg:apk/wolfi/cilium-1.19-hubble-relay
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-25679 | Hig | 7.5 | < 1.19.1-r2 | 1.19.1-r2 | Mar 6, 2026 | url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. | |
| CVE-2026-2303 | Med | 6.5 | < 1.19.5-r2 | 1.19.5-r2 | Feb 10, 2026 | The mongo-go-driver repository contains CGo bindings for GSSAPI (Kerberos) authentication on Linux and macOS. The C wrapper implementation contains a heap out-of-bounds read vulnerability due to incorrect assumptions about string termination in the GSSAPI standard. Since GSSAPI b |
- affected < 1.19.1-r2fixed 1.19.1-r2
url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.
- affected < 1.19.5-r2fixed 1.19.5-r2
The mongo-go-driver repository contains CGo bindings for GSSAPI (Kerberos) authentication on Linux and macOS. The C wrapper implementation contains a heap out-of-bounds read vulnerability due to incorrect assumptions about string termination in the GSSAPI standard. Since GSSAPI b
Page 2 of 2