VYPR

apk package

wolfi/opensearch-2-repository-s3

pkg:apk/wolfi/opensearch-2-repository-s3

Vulnerabilities (43)

  • CVE-2023-42503Sep 14, 2023
    affected < 2.10.0-r1fixed 2.10.0-r1

    Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can

  • CVE-2023-35116Jun 14, 2023
    affected < 0fixed 0

    jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cycli

  • CVE-2022-45146Nov 21, 2022
    affected < 2.11.1-r1fixed 2.11.1-r1

    An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in us

Page 3 of 3