VYPR

apk package

wolfi/prism

pkg:apk/wolfi/prism

Vulnerabilities (84)

  • CVE-2025-25290MedFeb 14, 2025
    affected < 5.14.3-r8fixed 5.14.3-r8

    @octokit/request sends parameterized requests to GitHub’s APIs with sensible defaults in browsers and Node. Starting in version 1.0.0 and prior to versions 9.2.1 and 8.4.1, the regular expression `/<([^>]+)>; rel="deprecation"/` used to match the `link` header in HTTP responses i

  • CVE-2025-25289MedFeb 14, 2025
    affected < 5.14.3-r8fixed 5.14.3-r8

    @octokit/request-error is an error class for Octokit request errors. Starting in version 1.0.0 and prior to version 6.1.7, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the processing of HTTP request headers. By sending an authorization header containing

  • CVE-2025-25288MedFeb 14, 2025
    affected < 5.14.3-r8fixed 5.14.3-r8

    @octokit/plugin-paginate-rest is the Octokit plugin to paginate REST API endpoint responses. For versions starting in 1.0.0 and prior to 11.4.1 of the npm package `@octokit/plugin-paginate-rest`, when calling `octokit.paginate.iterator()`, a specially crafted `octokit` instance—p

  • CVE-2024-21534CriOct 11, 2024
    affected < 5.11.2-r1fixed 5.11.2-r1

    All versions of the package jsonpath-plus are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. **Note:** There were several attempts to fix i

Page 5 of 5