VYPR

Container

by Apple Inc.

Source repositories

CVEs (3)

  • CVE-2026-28909MedApr 30, 2026
    risk 0.35cvss 6.5epss 0.00

    Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. This issue is fixed in container version 0.12.3.

  • CVE-2026-20613Jan 22, 2026
    risk 0.00cvss epss 0.00

    The ArchiveReader.extractContents() function used by cctl image load and container image load performs no pathname validation before extracting an archive member. This means that a carelessly or maliciously constructed archive can extract a file into any user-writable location…

  • CVE-2024-27256Jan 27, 2025
    risk 0.00cvss epss 0.00

    IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0 through 2.4.8, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.