rpm package
suse/containerized-data-importer&distro=SUSE Linux Micro 6.2
pkg:rpm/suse/containerized-data-importer&distro=SUSE%20Linux%20Micro%206.2
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-22868 | — | < 1.64.0-160000.1.1 | 1.64.0-160000.1.1 | Feb 26, 2025 | An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. | ||
| CVE-2024-45338 | Med | 5.3 | < 1.64.0-160000.1.1 | 1.64.0-160000.1.1 | Dec 18, 2024 | An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service. | |
| CVE-2024-28180 | — | < 1.64.0-160000.1.1 | 1.64.0-160000.1.1 | Mar 9, 2024 | Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now ret |
- CVE-2025-22868Feb 26, 2025affected < 1.64.0-160000.1.1fixed 1.64.0-160000.1.1
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
- affected < 1.64.0-160000.1.1fixed 1.64.0-160000.1.1
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.
- CVE-2024-28180Mar 9, 2024affected < 1.64.0-160000.1.1fixed 1.64.0-160000.1.1
Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now ret