VYPR

rpm package

suse/azure-storage-azcopy&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP4

pkg:rpm/suse/azure-storage-azcopy&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4

Vulnerabilities (5)

  • CVE-2026-39821CriMay 22, 2026
    affected < 10.32.4-150400.9.11.1fixed 10.32.4-150400.9.11.1

    The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in program

  • CVE-2026-33814HigMay 7, 2026
    affected < 10.32.4-150400.9.11.1fixed 10.32.4-150400.9.11.1

    When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.

  • CVE-2026-34986HigApr 6, 2026
    affected < 10.32.4-150400.9.11.1fixed 10.32.4-150400.9.11.1

    Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JW

  • CVE-2026-33186CriMar 20, 2026
    affected < 10.29.1-150400.9.6.1fixed 10.29.1-150400.9.6.1

    gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omi

  • CVE-2025-47907Aug 7, 2025
    affected < 10.32.4-150400.9.11.1fixed 10.32.4-150400.9.11.1

    Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the ex