apk package
wolfi/vault-secrets-webhook
pkg:apk/wolfi/vault-secrets-webhook
Vulnerabilities (46)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-58189 | — | < 1.22.1-r1 | 1.22.1-r1 | Oct 29, 2025 | When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information (the ALPN protocols sent by the client) which is not escaped. | ||
| CVE-2025-58187 | — | < 1.22.1-r1 | 1.22.1-r1 | Oct 29, 2025 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains. | ||
| CVE-2025-47907 | — | < 0 | 0 | Aug 7, 2025 | Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the ex | ||
| CVE-2025-4673 | Med | 6.8 | < 1.21.4-r4 | 1.21.4-r4 | Jun 11, 2025 | Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. | |
| CVE-2025-22874 | Hig | 7.5 | < 1.21.4-r4 | 1.21.4-r4 | Jun 11, 2025 | Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. | |
| CVE-2025-22872 | Med | 6.5 | < 1.21.4-r2 | 1.21.4-r2 | Apr 16, 2025 | The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can resul |
- CVE-2025-58189Oct 29, 2025affected < 1.22.1-r1fixed 1.22.1-r1
When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information (the ALPN protocols sent by the client) which is not escaped.
- CVE-2025-58187Oct 29, 2025affected < 1.22.1-r1fixed 1.22.1-r1
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains.
- CVE-2025-47907Aug 7, 2025affected < 0fixed 0
Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the ex
- affected < 1.21.4-r4fixed 1.21.4-r4
Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
- affected < 1.21.4-r4fixed 1.21.4-r4
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.
- affected < 1.21.4-r2fixed 1.21.4-r2
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can resul
Page 3 of 3