VYPR

apk package

wolfi/loki-3.6-logcli

pkg:apk/wolfi/loki-3.6-logcli

Vulnerabilities (23)

  • CVE-2026-33186CriMar 20, 2026
    affected < 3.6.7-r3fixed 3.6.7-r3

    gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omi

  • CVE-2026-26958LowFeb 19, 2026
    affected < 3.6.6-r1fixed 3.6.6-r1

    filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If (*Poin

  • CVE-2026-24051HigFeb 2, 2026
    affected < 0fixed 0

    OpenTelemetry-Go is the Go implementation of OpenTelemetry. The OpenTelemetry Go SDK in version v1.20.0-1.39.0 is vulnerable to Path Hijacking (Untrusted Search Paths) on macOS/Darwin systems. The resource detection code in sdk/resource/host_id.go executes the ioreg system comman

Page 2 of 2