VYPR

rpm package

opensuse/v2ray-core&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/v2ray-core&distro=openSUSE%20Tumbleweed

Vulnerabilities (4)

  • CVE-2026-39821CriMay 22, 2026
    affected < 5.51.2-1.1fixed 5.51.2-1.1

    The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in program

  • CVE-2026-33186CriMar 20, 2026
    affected < 5.47.0-1.1fixed 5.47.0-1.1

    gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omi

  • CVE-2026-27017Feb 20, 2026
    affected < 5.51.2-1.1fixed 5.51.2-1.1

    uTLS is a fork of crypto/tls, created to customize ClientHello for fingerprinting resistance while still using it for the handshake. Versions 1.6.0 through 1.8.0 contain a fingerprint mismatch with Chrome when using GREASE ECH, related to cipher suite selection. When Chrome selec

  • CVE-2025-47911Feb 5, 2026
    affected < 5.40.0-1.1fixed 5.40.0-1.1

    The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.