VYPR

apk package

wolfi/cloud-provider-gcp-cloud-controller-manager

pkg:apk/wolfi/cloud-provider-gcp-cloud-controller-manager

Vulnerabilities (43)

  • CVE-2025-22870MedMar 12, 2025
    affected < 33.1.1-r1fixed 33.1.1-r1

    Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.

  • CVE-2024-45338MedDec 18, 2024
    affected < 0fixed 0

    An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

  • CVE-2023-45288HigApr 4, 2024
    affected < 33.1.1-r1fixed 33.1.1-r1

    An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed Ma

Page 3 of 3