VYPR

rpm package

opensuse/rqlite&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/rqlite&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2026-39821CriMay 22, 2026
    affected < 10.1.0-2.1fixed 10.1.0-2.1

    The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in program

  • CVE-2026-33814HigMay 7, 2026
    affected < 10.1.0-1.1fixed 10.1.0-1.1

    When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.