apk package
wolfi/knative-operator-1.18
pkg:apk/wolfi/knative-operator-1.18
Vulnerabilities (23)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68119 | — | < 1.18.3-r3 | 1.18.3-r3 | Jan 28, 2026 | Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial (hg) installed, downloading modules from non-standard sources (e.g., custom domains) can cause unexpected code execution due to how external VCS commands are | ||
| CVE-2025-47907 | — | < 1.18.1-r4 | 1.18.1-r4 | Aug 7, 2025 | Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the ex | ||
| CVE-2025-22868 | — | < 1.18.1-r2 | 1.18.1-r2 | Feb 26, 2025 | An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. |
- CVE-2025-68119Jan 28, 2026affected < 1.18.3-r3fixed 1.18.3-r3
Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial (hg) installed, downloading modules from non-standard sources (e.g., custom domains) can cause unexpected code execution due to how external VCS commands are
- CVE-2025-47907Aug 7, 2025affected < 1.18.1-r4fixed 1.18.1-r4
Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the ex
- CVE-2025-22868Feb 26, 2025affected < 1.18.1-r2fixed 1.18.1-r2
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
Page 2 of 2