VYPR

apk package

wolfi/gitaly-git-18.1

pkg:apk/wolfi/gitaly-git-18.1

Vulnerabilities (2)

  • CVE-2025-47907Aug 7, 2025
    affected < 18.1.3-r3fixed 18.1.3-r3

    Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the ex

  • CVE-2025-8556LowAug 6, 2025
    affected < 18.1.0-r1fixed 18.1.0-r1

    A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.