VYPR

rpm package

opensuse/gitleaks&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/gitleaks&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2024-45337CriDec 12, 2024
    affected < 8.24.2-1.1fixed 8.24.2-1.1

    Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that

  • CVE-2021-38561Dec 26, 2022
    affected < 8.18.3-1.1fixed 8.18.3-1.1

    golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.

  • CVE-2022-32149Oct 14, 2022
    affected < 8.18.3-1.1fixed 8.18.3-1.1

    An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.