rpm package
opensuse/kubecolor&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kubecolor&distro=openSUSE%20Tumbleweed
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-58185 | — | < 0.5.3-1.1 | 0.5.3-1.1 | Oct 29, 2025 | Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion. | ||
| CVE-2025-47912 | — | < 0.5.3-1.1 | 0.5.3-1.1 | Oct 29, 2025 | The Parse function permits values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: "http://[::1]/". IPv4 addresse | ||
| CVE-2025-47906 | — | < 0.5.2-1.1 | 0.5.2-1.1 | Sep 18, 2025 | If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned. | ||
| CVE-2025-0913 | — | < 0.5.2-1.1 | 0.5.2-1.1 | Jun 11, 2025 | os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent loca |
- CVE-2025-58185Oct 29, 2025affected < 0.5.3-1.1fixed 0.5.3-1.1
Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion.
- CVE-2025-47912Oct 29, 2025affected < 0.5.3-1.1fixed 0.5.3-1.1
The Parse function permits values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: "http://[::1]/". IPv4 addresse
- CVE-2025-47906Sep 18, 2025affected < 0.5.2-1.1fixed 0.5.2-1.1
If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned.
- CVE-2025-0913Jun 11, 2025affected < 0.5.2-1.1fixed 0.5.2-1.1
os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent loca