VYPR

rpm package

opensuse/sbctl&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/sbctl&distro=openSUSE%20Leap%2016.0

Vulnerabilities (3)

  • CVE-2025-58190Feb 5, 2026
    affected < 0.18-bp160.1.1fixed 0.18-bp160.1.1

    The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

  • CVE-2025-47911Feb 5, 2026
    affected < 0.18-bp160.1.1fixed 0.18-bp160.1.1

    The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

  • CVE-2025-58058MedAug 28, 2025
    affected < 0.18-bp160.1.1fixed 0.18-bp160.1.1

    xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the