VYPR

apk package

wolfi/gogatekeeper

pkg:apk/wolfi/gogatekeeper

Vulnerabilities (45)

  • CVE-2025-58181Nov 19, 2025
    affected < 4.3.0-r2fixed 4.3.0-r2

    SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.

  • CVE-2025-64329Nov 7, 2025
    affected < 4.3.0-r1fixed 4.3.0-r1

    containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks

  • CVE-2024-25621Nov 6, 2025
    affected < 4.3.0-r1fixed 4.3.0-r1

    containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd

  • CVE-2025-4673MedJun 11, 2025
    affected < 3.4.0-r1fixed 3.4.0-r1

    Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.

  • CVE-2025-22874HigJun 11, 2025
    affected < 3.4.0-r1fixed 3.4.0-r1

    Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.

Page 3 of 3