VYPR

rpm package

suse/uyuni-tools&distro=SUSE Multi Linux Manager Tools SLE-12

pkg:rpm/suse/uyuni-tools&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-12

Vulnerabilities (6)

  • CVE-2025-58190Feb 5, 2026
    affected < 5.1.23-120002.3.6.1fixed 5.1.23-120002.3.6.1

    The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

  • CVE-2025-47911Feb 5, 2026
    affected < 5.1.23-120002.3.6.1fixed 5.1.23-120002.3.6.1

    The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

  • CVE-2025-11065MedJan 26, 2026
    affected < 5.1.23-120002.3.6.1fixed 5.1.23-120002.3.6.1

    A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data process

  • CVE-2025-68156Dec 16, 2025
    affected < 5.1.24-120002.3.9.1fixed 5.1.24-120002.3.9.1

    Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including `flatten`, `min`, `max`, `mean`, and `median`, perform recursive traversal over user-provided data structures without enforcing a maximum recursi

  • CVE-2025-12816Nov 25, 2025
    affected < 5.1.24-120002.3.9.1fixed 5.1.24-120002.3.9.1

    An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and s

  • CVE-2025-64751Nov 21, 2025
    affected < 5.1.23-120002.3.6.1fixed 5.1.23-120002.3.6.1

    OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 ( openfga-0.1.34 <= Helm chart <= openfga-0.2.48, v.1.4.0 <= docker <= v.1.11.0) are vulnerable to improper policy enforcemen