testkube-api-server-2.6.1_linux_amd64

digest	`sha256:fcc3f6e713226bb97a6a7e0f85f8cc04a656fe235ad2e2f9530a1d075be14a29`
vulnerabilities
platform	linux/amd64
size	70 MB
packages	255

libssl3 3.3.5-r0 (apk)

pkg:apk/alpine/libssl3@3.3.5-r0?arch=x86_64&distro=alpine-3.20.8&upstream=openssl

# api-server.Dockerfile (33:33)
FROM ${ALPINE_IMAGE}

Affected range	`<3.3.6-r0`
Fixed version	`3.3.6-r0`
EPSS Score	`0.662%`
EPSS Percentile	`71st percentile`

Description

Affected range	`<3.3.6-r0`
Fixed version	`3.3.6-r0`
EPSS Score	`0.059%`
EPSS Percentile	`18th percentile`

Description

Affected range	`<3.3.6-r0`
Fixed version	`3.3.6-r0`
EPSS Score	`0.070%`
EPSS Percentile	`21st percentile`

Description

Affected range	`<3.3.6-r0`
Fixed version	`3.3.6-r0`
EPSS Score	`0.056%`
EPSS Percentile	`17th percentile`

Description

Affected range	`<3.3.6-r0`
Fixed version	`3.3.6-r0`
EPSS Score	`0.059%`
EPSS Percentile	`18th percentile`

Description

Affected range	`<3.3.6-r0`
Fixed version	`3.3.6-r0`
EPSS Score	`0.048%`
EPSS Percentile	`15th percentile`

Description

Affected range	`<3.3.6-r0`
Fixed version	`3.3.6-r0`
EPSS Score	`0.015%`
EPSS Percentile	`3rd percentile`

Description

Affected range	`<3.3.6-r0`
Fixed version	`3.3.6-r0`
EPSS Score	`0.070%`
EPSS Percentile	`22nd percentile`

Description

Affected range	`<3.3.6-r0`
Fixed version	`3.3.6-r0`
EPSS Score	`0.014%`
EPSS Percentile	`2nd percentile`

Description

Affected range	`<3.3.6-r0`
Fixed version	`3.3.6-r0`
EPSS Score	`0.005%`
EPSS Percentile	`0th percentile`

Description

c-ares 1.33.1-r0 (apk)

pkg:apk/alpine/c-ares@1.33.1-r0?arch=x86_64&distro=alpine-3.20.8

# api-server.Dockerfile (34:34)
RUN apk --no-cache add ca-certificates libssl3 git

Affected range	`<=1.33.1-r0`
Fixed version	Not Fixed
EPSS Score	`0.618%`
EPSS Percentile	`69th percentile`

Description

Affected range	`<=1.33.1-r0`
Fixed version	Not Fixed
EPSS Score	`0.060%`
EPSS Percentile	`19th percentile`

Description

libcurl 8.14.1-r2 (apk)

pkg:apk/alpine/libcurl@8.14.1-r2?arch=x86_64&distro=alpine-3.20.8&upstream=curl

# api-server.Dockerfile (34:34)
RUN apk --no-cache add ca-certificates libssl3 git

Affected range	`<=8.14.1-r2`
Fixed version	Not Fixed
EPSS Score	`0.007%`
EPSS Percentile	`0th percentile`

Description

Affected range	`<=8.14.1-r2`
Fixed version	Not Fixed
EPSS Score	`0.021%`
EPSS Percentile	`5th percentile`

Description

Affected range	`<=8.14.1-r2`
Fixed version	Not Fixed
EPSS Score	`0.022%`
EPSS Percentile	`5th percentile`

Description

Affected range	`<=8.14.1-r2`
Fixed version	Not Fixed
EPSS Score	`0.039%`
EPSS Percentile	`12th percentile`

Description

Affected range	`<=8.14.1-r2`
Fixed version	Not Fixed
EPSS Score	`0.022%`
EPSS Percentile	`5th percentile`

Description

Affected range	`<=8.14.1-r2`
Fixed version	Not Fixed
EPSS Score	`0.015%`
EPSS Percentile	`3rd percentile`

Description

Affected range	`<=8.14.1-r2`
Fixed version	Not Fixed
EPSS Score	`0.053%`
EPSS Percentile	`17th percentile`

Description

ssl_client 1.36.1-r30 (apk)

pkg:apk/alpine/ssl_client@1.36.1-r30?arch=x86_64&distro=alpine-3.20.8&upstream=busybox

# api-server.Dockerfile (33:33)
FROM ${ALPINE_IMAGE}

Affected range	`<=1.36.1-r30`
Fixed version	Not Fixed
EPSS Score	`0.052%`
EPSS Percentile	`16th percentile`

Description

Affected range	`<1.36.1-r31`
Fixed version	`1.36.1-r31`
EPSS Score	`0.031%`
EPSS Percentile	`8th percentile`

Description

Affected range	`<1.36.1-r31`
Fixed version	`1.36.1-r31`
EPSS Score	`0.023%`
EPSS Percentile	`5th percentile`

Description

libexpat 2.7.3-r0 (apk)

pkg:apk/alpine/libexpat@2.7.3-r0?arch=x86_64&distro=alpine-3.20.8&upstream=expat

# api-server.Dockerfile (34:34)
RUN apk --no-cache add ca-certificates libssl3 git

Affected range	`<2.7.4-r0`
Fixed version	`2.7.4-r0`
EPSS Score	`0.006%`
EPSS Percentile	`0th percentile`

Description

Affected range	`<2.7.4-r0`
Fixed version	`2.7.4-r0`
EPSS Score	`0.005%`
EPSS Percentile	`0th percentile`

Description

github.com/go-jose/go-jose 2.6.3+incompatible (golang)

pkg:golang/github.com/go-jose/go-jose@2.6.3%2Bincompatible

# api-server.Dockerfile (36:36)
COPY --from=build /app /bin/app

Uncontrolled Resource Consumption

Affected range	`<3.0.4`
Fixed version	`3.0.4`
CVSS Score	`6.9`
CVSS Vector	`CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N`
EPSS Score	`0.078%`
EPSS Percentile	`23rd percentile`

Description

Impact

When parsing compact JWS or JWE input, go-jose could use excessive memory. The code used strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of '.' characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service.

Patches

Version 4.0.5 fixes this issue

Workarounds

Applications could pre-validate payloads passed to go-jose do not contain an excessive number of '.' characters.

References

This is the same sort of issue as in the golang.org/x/oauth2/jws package as CVE-2025-22868 and Go issue https://go.dev/issue/71490.

Impact​

Patches​

Workarounds​

References​

Impact

Patches

Workarounds

References