rpm package
opensuse/starboard&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/starboard&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-58188 | — | < 0.15.28-1.1 | 0.15.28-1.1 | Oct 29, 2025 | Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains. | ||
| CVE-2022-32149 | — | < 0.15.11-1.1 | 0.15.11-1.1 | Oct 14, 2022 | An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse. | ||
| CVE-2022-28946 | — | < 0.15.6-1.1 | 0.15.6-1.1 | May 19, 2022 | An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service (DoS) via triggering out-of-range memory access. |
- CVE-2025-58188Oct 29, 2025affected < 0.15.28-1.1fixed 0.15.28-1.1
Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.
- CVE-2022-32149Oct 14, 2022affected < 0.15.11-1.1fixed 0.15.11-1.1
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.
- CVE-2022-28946May 19, 2022affected < 0.15.6-1.1fixed 0.15.6-1.1
An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service (DoS) via triggering out-of-range memory access.