vitess-22 | Snyk

Direct Vulnerabilities

Known vulnerabilities in the vitess-22 package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L GHSA-m9x8-m34x-fj9q	<22.0.4-r14
L GHSA-w2q5-6q6x-x959	<22.0.4-r14
L Improper Restriction of Rendered UI Layers or Frames	<22.0.4-r14
L Improper Restriction of Rendered UI Layers or Frames	<22.0.4-r14
L GHSA-gv7w-rqvm-qjhr	<22.0.4-r14
L Cross-site Scripting (XSS)	<22.0.4-r14
L CVE-2026-39821	<22.0.4-r14
L GHSA-cg87-vwwh-xvgj	<22.0.4-r14
L Improper Restriction of Rendered UI Layers or Frames	<22.0.4-r14
L GHSA-5cv4-jp36-h3mw	<22.0.4-r14
L GHSA-w9p8-pvxh-rxpj	<22.0.4-r14
L Resource Exhaustion	<22.0.4-r14
L GHSA-wrh2-89vg-4j9g	<22.0.4-r14
L CVE-2026-46595	<22.0.4-r13
L Improper Certificate Validation	<22.0.4-r13
L GHSA-497x-jcxf-m478	<22.0.4-r13
L Deserialization of Untrusted Data	<22.0.4-r13
L CVE-2026-39825	<22.0.4-r13
L GHSA-5m4p-2gjx-p2g8	<22.0.4-r13
L GHSA-3v2c-x6q9-f697	<22.0.4-r13
L Improper Enforcement of Message Integrity During Transmission in a Communication Channel	<22.0.4-r13
H Loop with Unreachable Exit Condition ('Infinite Loop')	<22.0.4-r13
L GHSA-h524-452v-82p9	<22.0.4-r13
L Out-of-Bounds	<22.0.4-r13
L Improper Certificate Validation	<22.0.4-r13
L Cross-site Scripting (XSS)	<22.0.4-r13
L Improper Certificate Validation	<22.0.4-r13
H Double Free	<22.0.4-r13
L Improper Verification of Cryptographic Signature	<22.0.4-r13
M Link Following	<22.0.4-r13
L GHSA-h74g-238j-357m	<22.0.4-r13
L CVE-2026-42504	<22.0.4-r13
L Incorrect Type Conversion or Cast	<22.0.4-r13
L Improper Encoding or Escaping of Output	<22.0.4-r13
L GHSA-2283-wf8c-rw8r	<22.0.4-r13
L GHSA-jxxr-4gwj-5jf2	<22.0.4-r12
L GHSA-xq5j-9r39-c3vf	<22.0.4-r12
L CVE-2026-46598	<22.0.4-r12
L GHSA-qc64-m6c2-v4x7	<22.0.4-r12
L GHSA-h3gm-q7m7-mp28	<22.0.4-r12
L CVE-2026-42499	<22.0.4-r12
L Integer Overflow or Wraparound	<22.0.4-r12
L GHSA-4279-q6mj-392r	<22.0.4-r12
L GHSA-qf3q-3h68-mmh2	<22.0.4-r12
L GHSA-8g2r-hhvj-mv99	<22.0.4-r12
L CVE-2026-27145	<22.0.4-r12
M Out-of-bounds Write	<22.0.4-r12
L GHSA-p9h5-jm8x-mjm5	<22.0.4-r12
L CVE-2026-42501	<22.0.4-r12
L Missing Authorization	<22.0.4-r12
L CVE-2026-42507	<22.0.4-r12
L Missing Authorization	<22.0.4-r12
H Allocation of Resources Without Limits or Throttling	<22.0.4-r12
H NULL Pointer Dereference	<22.0.4-r12
H Resource Exhaustion	<22.0.4-r12
C Arbitrary Code Injection	<22.0.4-r11
L GHSA-xq3m-2v4x-88gg	<22.0.4-r11
L GHSA-78h2-9frx-2jm8	<22.0.4-r10
L GHSA-xmrv-pmrh-hhx2	<22.0.4-r10
L Uncaught Exception	<22.0.4-r10
H Untrusted Search Path	<22.0.4-r10
L GHSA-hfvc-g4fc-pqhx	<22.0.4-r10
L GHSA-f886-m6hf-6m8v	<22.0.4-r9
L GHSA-4w7w-66w2-5vf9	<22.0.4-r9
L GHSA-rf6f-7fwh-wjgh	<22.0.4-r9
M Directory Traversal	<22.0.4-r9
L GHSA-r5fr-rjxr-66jc	<22.0.4-r9
L GHSA-48c2-rrv3-qjmp	<22.0.4-r9
C CVE-2026-4800	<22.0.4-r9
M CVE-2026-2950	<22.0.4-r9
L GHSA-c2c7-rcm5-vvqj	<22.0.4-r9
L GHSA-j3q9-mxjg-w52f	<22.0.4-r9
L CVE-2026-4923	<22.0.4-r9
L Uncontrolled Recursion	<22.0.4-r9
C Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<22.0.4-r9
L GHSA-p9ff-h696-f583	<22.0.4-r9
L GHSA-v2wj-q39q-566r	<22.0.4-r9
L GHSA-27v5-c462-wpq7	<22.0.4-r9
L GHSA-3v7f-55p6-f55p	<22.0.4-r9
H Resource Exhaustion	<22.0.4-r9
L GHSA-f23m-r3pf-42rh	<22.0.4-r9
L CVE-2026-4926	<22.0.4-r9
L Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<22.0.4-r9
H Information Exposure	<22.0.4-r9
H Incorrect Behavior Order: Validate Before Canonicalize	<22.0.4-r9
L Inefficient Regular Expression Complexity	<22.0.4-r9
L Improper Authorization	<22.0.4-r7
L GHSA-p77j-4mvh-x3m3	<22.0.4-r7
C Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<22.0.4-r6
L GHSA-xpqw-6gx7-v673	<22.0.4-r6
L GHSA-25h7-pfq9-p65f	<22.0.4-r6
L Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')	<22.0.4-r6
L Uncontrolled Recursion	<22.0.4-r6
L GHSA-wf6x-7x77-mvgw	<22.0.4-r6
L GHSA-qpx9-hpmf-5gmw	<22.0.4-r5
M Allocation of Resources Without Limits or Throttling	<22.0.4-r5
L GHSA-23c5-xmqv-rm74	<22.0.4-r4
L Inefficient Regular Expression Complexity	<22.0.4-r4
L GHSA-7r86-cg39-jmmj	<22.0.4-r4
L Algorithmic Complexity	<22.0.4-r4
H CVE-2025-15558	<22.0.4-r3
L GHSA-p436-gjf2-799p	<22.0.4-r3
L GHSA-34x7-hfp2-rc4v	<22.0.3-r0
L CVE-2025-50537	<22.0.2-r4
H Directory Traversal	<22.0.3-r2
L GHSA-8qq5-rm4j-mr97	<22.0.3-r0
L GHSA-g4jq-h2w9-997c	<22.0.2-r0
L GHSA-jqfw-vq24-v9c3	<22.0.2-r0
L GHSA-xvqr-69v8-f3gv	<22.0.2-r4
M Directory Traversal	<22.0.2-r0
L GHSA-jwmf-chvc-rf92	<22.0.1-r6
L CVE-2025-58183	<22.0.1-r6
M Directory Traversal	<22.0.2-r0
L GHSA-38c4-r59v-3vqw	<22.0.3-r2
L GHSA-frhw-mqj2-wxw2	<22.0.1-r6
L Allocation of Resources Without Limits or Throttling	<22.0.1-r6
L Allocation of Resources Without Limits or Throttling	<22.0.2-r4
L Out-of-bounds Write	<22.0.2-r4
L GHSA-rjcg-56ph-3qvg	<22.0.1-r6
L Resource Exhaustion	<22.0.3-r0
L GHSA-cxq7-xw9v-rcv3	<22.0.1-r6
L GHSA-f6x5-jh6r-wrfv	<22.0.2-r1
L CVE-2025-58181	<22.0.2-r1
L GHSA-r6q2-hw4h-h46w	<22.0.3-r0
L GHSA-mw96-cpmx-2vgc	<22.0.4-r2
C Directory Traversal	<22.0.4-r2
H CVE-2026-2327	<22.0.3-r2
L GHSA-xxjr-mmjv-4gpg	<22.0.3-r0
L GHSA-83g3-92jg-28cx	<22.0.3-r2
L CVE-2025-58186	<22.0.1-r6
L Inefficient Regular Expression Complexity	<22.0.3-r2
M CVE-2025-13465	<22.0.3-r0
H Resource Exhaustion	<22.0.3-r0
L Allocation of Resources Without Limits or Throttling	<22.0.1-r6
L CVE-2025-61730	<22.0.2-r4
L GHSA-7wwx-xj66-r44x	<22.0.1-r6
M Link Following	<22.0.1-r5
L GHSA-j5w8-q4qc-rx2x	<22.0.2-r1
L GHSA-hjx7-fpxx-mj48	<22.0.1-r6
L CVE-2025-47914	<22.0.2-r1
L GHSA-gr56-3gp6-6gmj	<22.0.2-r4
L GHSA-fjxv-7rqg-78g4	<22.0.1-r3
L Algorithmic Complexity	<22.0.1-r6
L CVE-2025-47912	<22.0.1-r6
L Directory Traversal	<22.0.3-r0
L GHSA-52f5-9888-hmc6	<22.0.1-r5
L GHSA-3ppc-4f35-3m26	<22.0.3-r2
L CVE-2025-7783	<22.0.1-r3
L GHSA-9h8m-3fm2-qjrq	<22.0.4-r1
L GHSA-v6h2-p8h4-qcjw	<22.0.3-r0
L CVE-2025-61731	<22.0.2-r4
L GHSA-2g4f-4pwh-qvx6	<22.0.3-r2
H Inefficient Regular Expression Complexity	<22.0.3-r2
L Allocation of Resources Without Limits or Throttling	<22.0.1-r6
L Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<22.0.2-r2
L Improper Certificate Validation	<22.0.1-r6
L GHSA-cm6p-qc7v-m3jw	<22.0.2-r4
L GHSA-447v-2qg4-h8hc	<22.0.1-r6
L GHSA-9gcr-gp5f-jw27	<22.0.1-r6
L CVE-2025-61725	<22.0.1-r6
L GHSA-mh29-5h37-fv8m	<22.0.2-r2
L Untrusted Search Path	<22.0.4-r1
M Improper Handling of Unicode Encoding	<22.0.3-r0
L GHSA-qh38-484v-w52x	<22.0.1-r6
L GHSA-3966-f6p6-2qr9	<22.0.3-r0
M Directory Traversal	<22.0.3-r0
L GHSA-gm9r-q53w-2gh4	<22.0.2-r4
L GHSA-p5wg-g6qr-c7cg	<22.0.2-r4
L Information Exposure Through Log Files	<22.0.1-r6
L Incorrect Permission Assignment for Critical Resource	<22.0.3-r0
L GHSA-76c9-3jph-rj3q	<22.0.2-r0
L GHSA-wcw9-47fp-rrfr	<22.0.1-r6
L GHSA-73rr-hh4g-fpgx	<22.0.3-r0
L CVE-2025-7339	<22.0.2-r0

Vulnerability

Vulnerable Version

GHSA-m9x8-m34x-fj9q

<22.0.4-r14