AZL-59172 CVE-2025-30204 affecting package blobfuse2 for versions less than 2.3.2-2

golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...

CVE-2024-24786 affecting package blobfuse2 for versions less than 2.1.2-7

CVE-2024-24786 affecting package blobfuse2 for versions less than 2.1.2-7. A patched version of the package is available...