VYPR

rpm package

opensuse/cockpit-repos&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/cockpit-repos&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2026-25547CriFeb 4, 2026
    affected < 4.7-4.1fixed 4.7-4.1

    @isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated nume

  • CVE-2025-13465MedJan 21, 2026
    affected < 4.7-2.1fixed 4.7-2.1

    Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwritin

  • CVE-2025-64718Nov 13, 2025
    affected < 4.6-1.1fixed 4.6-1.1

    js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (`__proto__`). All users who parse untrusted yaml documents may be impacted. T