VYPR

rpm package

opensuse/cockpit-machines&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/cockpit-machines&distro=openSUSE%20Leap%2016.0

Vulnerabilities (3)

  • CVE-2026-26996Feb 20, 2026
    affected < 346-160000.2.1fixed 346-160000.2.1

    minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive * wildcards followed by a literal charact

  • CVE-2026-25547CriFeb 4, 2026
    affected < 346-160000.2.1fixed 346-160000.2.1

    @isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated nume

  • CVE-2025-13465MedJan 21, 2026
    affected < 346-160000.1.1fixed 346-160000.1.1

    Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwritin