VYPR

rpm package

opensuse/tree-sitter-ruby&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/tree-sitter-ruby&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2025-59343HigSep 24, 2025
    affected < 0.23.1-2.1fixed 0.23.1-2.1

    tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.1.1, 2.1.3, and 1.16.5 are vulnerable to symlink validation bypass if the destination directory is predictable with a specific tarball. This issue has been patched in version 3.1.1, 2.1.4, and 1.16.6. A worka

  • CVE-2025-5889LowJun 9, 2025
    affected < 0.23.1-2.1fixed 0.23.1-2.1

    A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be l