VYPR

apk package

wolfi/gitlab-webservice-scripts-17.10

pkg:apk/wolfi/gitlab-webservice-scripts-17.10

Vulnerabilities (2)

  • CVE-2025-30204HigMar 21, 2025
    affected < 17.10.0-r2fixed 17.10.0-r2

    golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a maliciou

  • CVE-2025-29923LowMar 20, 2025
    affected < 17.10.0-r1fixed 17.10.0-r1

    go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when `CLIENT SETINFO` times out during connection establishment. This can happen when the client is configured to transmit i