Skip to main content
New to Testkube? Unleash the power of cloud native testing in Kubernetes with Testkube. Get Started >

kube-webhook-certgen-0.0.7_linux_amd64

digestsha256:99c5ac7ef7cf17b180a3ae9d11144120ff203017d6bd805dc95ab2648a5a6e7e
vulnerabilitiescritical: 0 high: 1 medium: 1 low: 0
platformlinux/amd64
size13 MB
packages48
critical: 0 high: 1 medium: 0 low: 0 golang.org/x/oauth2 0.26.0 (golang)

pkg:golang/golang.org/x/oauth2@0.26.0
high : CVE--2025--22868

Affected range<0.27.0
Fixed version0.27.0
EPSS Score0.121%
EPSS Percentile28th percentile
Description

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

critical: 0 high: 0 medium: 1 low: 0 golang.org/x/net 0.34.0 (golang)

pkg:golang/golang.org/x/net@0.34.0
medium 4.4: CVE--2025--22870 Misinterpretation of Input

Affected range<0.36.0
Fixed version0.36.0
CVSS Score4.4
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
EPSS Score0.018%
EPSS Percentile3rd percentile
Description

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.