Product
chainguard melange
10 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-29051
CVE-2026-29050
CVE-2026-29049
CVE-2026-25145
CVE-2026-25143
CVE-2026-24844
CVE-2026-24843
CVE-2006-0917
CVE-2002-1351
CVE-2002-0552
>= 0.32.0 and < 0.43.4
melange allows users to build apk packages using declarative pipelines. Starting in version 0.32.0 and prior to version 0.43.4, `m
>= 0.32.0 and < 0.43.4
melange allows users to build apk packages using declarative pipelines. Starting in version 0.32.0 and prior to version 0.43.4, an
<= 0.40.5
melange allows users to build apk packages using declarative pipelines. In version 0.40.5 and prior, melange update-cache download
>= 0.14.0 and < 0.40.5
melange allows users to build apk packages using declarative pipelines. From version 0.14.0 to before 0.40.3, an attacker who can
>= 0.10.0 and < 0.40.5
melange allows users to build apk packages using declarative pipelines. From version 0.10.0 to before 0.40.3, an attacker who can
>= 0.3.0 and <= 0.40.5
melange allows users to build apk packages using declarative pipelines. From version 0.3.0 to before 0.40.3, an attacker who can p
>= 0.11.3 and < 0.40.5
melange allows users to build apk packages using declarative pipelines. In version 0.11.3 to before 0.40.3, an attacker who can in
all versions
Melange Chat Server (aka M-Chat), when accessed via a web browser, automatically sends cookies and other sensitive information for
all versions
Buffer overflow in Melange Chat System 1.10 allows remote attackers to cause a denial of service (chat server crash) and possibly
all versions
Multiple buffer overflows in Melange Chat server 2.02 allow remote or local attackers to cause a denial of service (crash) and pos