gvisor-tap-vsock (AlmaLinux:10) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:10 package gvisor-tap-vsock, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2025-22871 — CVSS 9.1 (critical): The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling…
CVE-2025-22869 — CVSS 7.5 (high): SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key…