tileserver-gl-fips

Direct Vulnerabilities

Known vulnerabilities in the tileserver-gl-fips package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Resource Exhaustion	<5.5.0-r12
L GHSA-27v5-c462-wpq7	<5.5.0-r12
L CVE-2026-4926	<5.5.0-r12
L GHSA-qj8w-gfj5-8c6v	<5.5.0-r12
L GHSA-j3q9-mxjg-w52f	<5.5.0-r12
L CVE-2026-4923	<5.5.0-r12
L GHSA-jp2q-39xq-3w4g	<5.5.0-r11
L Uncontrolled Recursion	<5.5.0-r11
M Cross-site Scripting (XSS)	<5.5.0-r11
L Resource Exhaustion	<5.5.0-r11
L GHSA-f886-m6hf-6m8v	<5.5.0-r11
L Arbitrary Code Injection	<5.5.0-r11
L GHSA-c2c7-rcm5-vvqj	<5.5.0-r11
L GHSA-2w6w-674q-4c4q	<5.5.0-r11
L GHSA-48c2-rrv3-qjmp	<5.5.0-r11
L GHSA-8gc5-j5rx-235r	<5.5.0-r11
L GHSA-7rx3-28cr-v5wh	<5.5.0-r11
H Cross-site Scripting (XSS)	<5.5.0-r11
L GHSA-3mfm-83xf-c92r	<5.5.0-r11
L GHSA-3v7f-55p6-f55p	<5.5.0-r11
L Inefficient Regular Expression Complexity	<5.5.0-r11
L Improper Check for Unusual or Exceptional Conditions	<5.5.0-r11
L Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<5.5.0-r11
L Arbitrary Code Injection	<5.5.0-r11
L GHSA-442j-39wm-28r2	<5.5.0-r11
L GHSA-9cx6-37pm-9jff	<5.5.0-r11
L Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')	<5.5.0-r11
L GHSA-xjpj-3mr7-gcpf	<5.5.0-r11
L Improper Validation of Specified Quantity in Input	<5.5.0-r11
L GHSA-xhpv-hc6g-r9c6	<5.5.0-r11
L GHSA-2qvq-rjwj-gvw9	<5.5.0-r11
L Arbitrary Code Injection	<5.5.0-r11
L Uncontrolled Recursion	<5.5.0-r9
L CVE-2026-3449	<5.5.0-r9
L GHSA-vpq2-c234-7xj6	<5.5.0-r9
L GHSA-9ppj-qmqm-q256	<5.5.0-r9
L GHSA-qffp-2rhf-9h96	<5.5.0-r9
M Directory Traversal	<5.5.0-r9
M Directory Traversal	<5.5.0-r9
L GHSA-25h7-pfq9-p65f	<5.5.0-r9
L GHSA-7r86-cg39-jmmj	<5.5.0-r7
L GHSA-23c5-xmqv-rm74	<5.5.0-r7
L Algorithmic Complexity	<5.5.0-r7
L Inefficient Regular Expression Complexity	<5.5.0-r7
H Buffer Overflow	<5.5.0-r7
L GHSA-fj3w-jwp8-x2g3	<5.5.0-r7
L GHSA-5c6j-r48x-rmvq	<5.5.0-r7
L Inefficient Regular Expression Complexity	<5.5.0-r6
L GHSA-2g4f-4pwh-qvx6	<5.5.0-r6
L GHSA-jmr7-xgp7-cmfj	<5.5.0-r6
L GHSA-3ppc-4f35-3m26	<5.5.0-r6
L GHSA-m7jm-9gc2-mpf2	<5.5.0-r6
H Directory Traversal	<5.5.0-r6
L Incorrect Regular Expression	<5.5.0-r6
L Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')	<5.5.0-r6
H Inefficient Regular Expression Complexity	<5.5.0-r6
L GHSA-83g3-92jg-28cx	<5.5.0-r6
L Improper Input Validation	<5.5.0-r5
H CVE-2026-2391	<5.5.0-r5
L GHSA-w7fw-mjwx-w883	<5.5.0-r5
L GHSA-37qj-frw5-hhjh	<5.5.0-r5
L Directory Traversal	<5.5.0-r3
L GHSA-8qq5-rm4j-mr97	<5.5.0-r3
L GHSA-34x7-hfp2-rc4v	<5.5.0-r3
M Improper Handling of Unicode Encoding	<5.5.0-r3
L GHSA-73rr-hh4g-fpgx	<5.5.0-r3
L GHSA-r6q2-hw4h-h46w	<5.5.0-r3
M Directory Traversal	<5.5.0-r3
H Resource Exhaustion	<5.5.0-r3
L GHSA-6rw7-vpxm-498p	<5.5.0-r0
L CVE-2025-15284	<5.5.0-r0
L GHSA-xx4v-prfh-6cgc	<5.4.0-r2
L Inefficient Regular Expression Complexity	<5.4.0-r2
L Inefficient Regular Expression Complexity	<5.4.0-r2
L Inefficient Regular Expression Complexity	<5.4.0-r2
L GHSA-h5c3-5r3r-rr8q	<5.4.0-r2
L GHSA-rmvr-2pp2-xj38	<5.4.0-r2
L GHSA-wqch-xfxh-vrr4	<5.4.0-r5
L CVE-2025-13466	<5.4.0-r5
L Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<5.4.0-r4
L GHSA-mh29-5h37-fv8m	<5.4.0-r4
L GHSA-vj76-c3g6-qr5v	<5.4.0-r2
L Directory Traversal	<5.4.0-r2
L Allocation of Resources Without Limits or Throttling	<5.4.0-r1
L GHSA-4hjh-wcwx-xvwj	<5.4.0-r1
L GHSA-fjxv-7rqg-78g4	<5.3.1-r7
L CVE-2025-7783	<5.3.1-r7
L CVE-2025-7339	<5.3.1-r6
L GHSA-76c9-3jph-rj3q	<5.3.1-r6
L Resource Exhaustion	<5.3.1-r3
L GHSA-v6h2-p8h4-qcjw	<5.3.1-r3
L GHSA-8cj5-5rvv-wf4v	<5.3.1-r2
L Directory Traversal	<5.3.1-r2
L GHSA-75v8-2h7p-7m2m	<5.3.0-r1
H CVE-2025-46653	<5.3.0-r1
L CVE-2024-12905	<5.2.0-r1
L GHSA-pq67-2wwv-3xjx	<5.2.0-r1
M Server-Side Request Forgery (SSRF)	<5.1.3-r2
L GHSA-jr5f-v2jv-69x6	<5.1.3-r2
L GHSA-rhx6-c78j-4q9w	<5.1.1-r0
L Inefficient Regular Expression Complexity	<5.1.1-r0
L CVE-2024-21538	<5.0.0-r1
L GHSA-3xgq-45jj-v275	<5.0.0-r1

Vulnerability

Vulnerable Version

Resource Exhaustion

<5.5.0-r12