VYPR

rpm package

suse/cockpit&distro=SUSE Linux Enterprise Micro 5.2

pkg:rpm/suse/cockpit&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Vulnerabilities (4)

  • CVE-2026-26996Feb 20, 2026
    affected < 251.3-150300.6.9.1fixed 251.3-150300.6.9.1

    minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive * wildcards followed by a literal charact

  • CVE-2026-25547CriFeb 4, 2026
    affected < 251.3-150300.6.9.1fixed 251.3-150300.6.9.1

    @isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated nume

  • CVE-2025-13465MedJan 21, 2026
    affected < 251.3-150300.6.6.1fixed 251.3-150300.6.6.1

    Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwritin

  • CVE-2024-6126LowJul 3, 2024
    affected < 251.3-150300.6.3.1fixed 251.3-150300.6.3.1

    A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack.