VYPR

apk package

wolfi/sqlpad

pkg:apk/wolfi/sqlpad

Vulnerabilities (63)

  • CVE-2024-28863Mar 21, 2024
    affected < 7.4.1-r3fixed 7.4.1-r3

    node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no limit on the number of sub-folders created in the folder creation process. An attacker who generates a large number of sub-folders can consume memory on the system running node-tar and even crash the Node.js cl

  • CVE-2024-28176Mar 9, 2024
    affected < 7.4.1-r2fixed 7.4.1-r2

    jose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encrypt

  • CVE-2023-42282Feb 8, 2024
    affected < 7.4.1-r1fixed 7.4.1-r1

    The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.

Page 4 of 4