VYPR

rpm package

opensuse/steampipe&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/steampipe&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2026-41889CriMay 8, 2026
    affected < 2.4.4-1.1fixed 2.4.4-1.1

    pgx is a PostgreSQL driver and toolkit for Go. Prior to version 5.9.2, SQL injection can occur when the non-default simple protocol is used, a dollar quoted string literal is used in the SQL query, that string literal contains text that would be would be interpreted as a placehol

  • CVE-2026-34165MedMar 31, 2026
    affected < 2.4.1-1.1fixed 2.4.1-1.1

    go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and re

  • CVE-2026-27138MedMar 6, 2026
    affected < 2.4.1-1.1fixed 2.4.1-1.1

    Certificate verification can panic when a certificate in the chain has an empty DNS name and another certificate in the chain has excluded name constraints. This can crash programs that are either directly verifying X.509 certificate chains, or those that use TLS.