─ [0] ╭ Target : nmaguiar/openvpn:latest (alpine 3.21.3)
├ Class : os-pkgs
├ Type : alpine
╰ Vulnerabilities ╭ [0] ╭ VulnerabilityID : CVE-2025-26519
│ ├ PkgID : [email protected]
│ ├ PkgName : musl
│ ├ PkgIdentifier ╭ PURL: pkg:apk/alpine/[email protected]?arch=x86_64&distro=3.21.3
│ │ ╰ UID : 8f11112be3ba1292
│ ├ InstalledVersion: 1.2.5-r9
│ ├ FixedVersion : 1.2.5-r10
│ ├ Status : fixed
│ ├ Layer ╭ Digest: sha256:f18232174bc91741fdf3da96d85011092101a032a93a3
│ │ │ 88b79e99e69c2d5c870
│ │ ╰ DiffID: sha256:08000c18d16dadf9553d747a58cf44023423a9ab010aa
│ │ b96cf263d2216b8b350
│ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-26519
│ ├ DataSource ╭ ID : alpine
│ │ ├ Name: Alpine Secdb
│ │ ╰ URL : https://secdb.alpinelinux.org/
│ ├ Title : musl libc 0.9.13 through 1.2.5 before 1.2.6 has an
│ │ out-of-bounds write ...
│ ├ Description : musl libc 0.9.13 through 1.2.5 before 1.2.6 has an
│ │ out-of-bounds write vulnerability when an attacker can
│ │ trigger iconv conversion of untrusted EUC-KR text to UTF-8.
│ ├ Severity : UNKNOWN
│ ├ CweIDs ─ [0]: CWE-787
│ ├ References ╭ [0]: http://www.openwall.com/lists/oss-security/2025/02/13/2
│ │ ├ [1]: http://www.openwall.com/lists/oss-security/2025/02/13/3
│ │ ├ [2]: http://www.openwall.com/lists/oss-security/2025/02/13/4
│ │ ├ [3]: http://www.openwall.com/lists/oss-security/2025/02/13/5
│ │ ├ [4]: http://www.openwall.com/lists/oss-security/2025/02/14/5
│ │ ├ [5]: http://www.openwall.com/lists/oss-security/2025/02/14/6
│ │ ├ [6]: https://git.musl-libc.org/cgit/musl/commit/?id=c47ad25e
│ │ │ a3b484e10326f933e927c0bc8cded3da
│ │ ├ [7]: https://git.musl-libc.org/cgit/musl/commit/?id=e5adcd97
│ │ │ b5196e29991b524237381a0202a60659
│ │ ╰ [8]: https://www.openwall.com/lists/oss-security/2025/02/13/2
│ ├ PublishedDate : 2025-02-14T04:15:09.05Z
│ ╰ LastModifiedDate: 2025-02-14T17:15:23.09Z
╰ [1] ╭ VulnerabilityID : CVE-2025-26519
├ PkgID : [email protected]
├ PkgName : musl-utils
├ PkgIdentifier ╭ PURL: pkg:apk/alpine/[email protected]?arch=x86_64&distro=
│ │ 3.21.3
│ ╰ UID : 34b1bf5f3f83c06e
├ InstalledVersion: 1.2.5-r9
├ FixedVersion : 1.2.5-r10
├ Status : fixed
├ Layer ╭ Digest: sha256:f18232174bc91741fdf3da96d85011092101a032a93a3
│ │ 88b79e99e69c2d5c870
│ ╰ DiffID: sha256:08000c18d16dadf9553d747a58cf44023423a9ab010aa
│ b96cf263d2216b8b350
├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-26519
├ DataSource ╭ ID : alpine
│ ├ Name: Alpine Secdb
│ ╰ URL : https://secdb.alpinelinux.org/
├ Title : musl libc 0.9.13 through 1.2.5 before 1.2.6 has an
│ out-of-bounds write ...
├ Description : musl libc 0.9.13 through 1.2.5 before 1.2.6 has an
│ out-of-bounds write vulnerability when an attacker can
│ trigger iconv conversion of untrusted EUC-KR text to UTF-8.
├ Severity : UNKNOWN
├ CweIDs ─ [0]: CWE-787
├ References ╭ [0]: http://www.openwall.com/lists/oss-security/2025/02/13/2
│ ├ [1]: http://www.openwall.com/lists/oss-security/2025/02/13/3
│ ├ [2]: http://www.openwall.com/lists/oss-security/2025/02/13/4
│ ├ [3]: http://www.openwall.com/lists/oss-security/2025/02/13/5
│ ├ [4]: http://www.openwall.com/lists/oss-security/2025/02/14/5
│ ├ [5]: http://www.openwall.com/lists/oss-security/2025/02/14/6
│ ├ [6]: https://git.musl-libc.org/cgit/musl/commit/?id=c47ad25e
│ │ a3b484e10326f933e927c0bc8cded3da
│ ├ [7]: https://git.musl-libc.org/cgit/musl/commit/?id=e5adcd97
│ │ b5196e29991b524237381a0202a60659
│ ╰ [8]: https://www.openwall.com/lists/oss-security/2025/02/13/2
├ PublishedDate : 2025-02-14T04:15:09.05Z
╰ LastModifiedDate: 2025-02-14T17:15:23.09Z