VYPR

rpm package

opensuse/kubecolor&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kubecolor&distro=openSUSE%20Tumbleweed

Vulnerabilities (4)

  • CVE-2025-58185Oct 29, 2025
    affected < 0.5.3-1.1fixed 0.5.3-1.1

    Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion.

  • CVE-2025-47912Oct 29, 2025
    affected < 0.5.3-1.1fixed 0.5.3-1.1

    The Parse function permits values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: "http://[::1]/". IPv4 addresse

  • CVE-2025-47906Sep 18, 2025
    affected < 0.5.2-1.1fixed 0.5.2-1.1

    If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned.

  • CVE-2025-0913Jun 11, 2025
    affected < 0.5.2-1.1fixed 0.5.2-1.1

    os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent loca