VYPR

rpm package

suse/cockpit-subscriptions&distro=SUSE Linux Enterprise Server for SAP applications 16.0

pkg:rpm/suse/cockpit-subscriptions&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0

Vulnerabilities (3)

  • CVE-2026-26996Feb 20, 2026
    affected < 12.1-160000.3.1fixed 12.1-160000.3.1

    minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive * wildcards followed by a literal charact

  • CVE-2025-13465MedJan 21, 2026
    affected < 12.1-160000.2.1fixed 12.1-160000.2.1

    Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwritin

  • CVE-2025-64718Nov 13, 2025
    affected < 12.1-160000.1.1fixed 12.1-160000.1.1

    js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (`__proto__`). All users who parse untrusted yaml documents may be impacted. T