Description: Under OIDC authentication mode, a redirect_url parameter is exposed in the URL and is used to redirect the current user to the defined location after a successful OIDC login. This redirect_url can be an ambiguous URL and can be used to embed a phishing URL. For example: if a.....
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...
7.8 AI Score
0.72 EPSS
CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5
CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...
8.3 AI Score
0.002 EPSS
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, bom, slsa-verifier, external-dns, prometheus, dynamic-localpv-provisioner, envoy-ratelimit, gke-gcloud-auth-plugin, weaviate, kubescape, keda, aws-efs-csi-driver, secrets-store-csi-driver-provider-gcp, grpcurl, conftest,...
8.1 AI Score
0.72 EPSS
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: skopeo, ctop, wolfictl, k3d, runc, zarf, kubernetes, docker, nerdctl, skaffold, syft, kubescape, telegraf, zot, k3s, kots, buildkitd, newrelic-infrastructure-agent, cadvisor, grype, trivy, k9s, datadog-agent, ingress-nginx-controller, kaniko,...
7.5 AI Score
0.051 EPSS
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: gitness, fuse-overlayfs-snapshotter, melange, kubevela, ctop, k3d, cilium-cli, skaffold, helm, kubescape, telegraf, up, flux-source-controller, flux-helm-controller, zot, eksctl, kots, newrelic-infrastructure-agent, grype, trivy, cert-manager, tekton-pipelines,...
7.5 AI Score
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: trivy, cilium-cli, istio-operator, cert-manager, chartmuseum, flux-source-controller, helm-push, flux-helm-controller, helm-operator, k9s, eksctl, up, kots, zot, zarf, kubescape,...
6.5 AI Score
0.0004 EPSS
GHSA-R53H-JV2G-VPX6 vulnerabilities
Vulnerabilities for packages: trivy, cilium-cli, istio-operator, cert-manager, chartmuseum, flux-source-controller, helm-push, flux-helm-controller, helm-operator, k9s, eksctl, up, kots, zot, zarf, kubescape,...
7.5 AI Score
GHSA-2C7C-3MJ9-8FQH vulnerabilities
Vulnerabilities for packages: kyverno, tekton-chains, vault, slsa-verifier, oauth2-proxy, fulcio, traefik, terragrunt, vexctl, argo-cd, cloudflared, dex, kubescape, sops, spire-server, rekor, falco, keda, flux-source-controller, istio-pilot-discovery, kots, tkn, flux-kustomize-controller, gitsign,....
7.5 AI Score
GHSA-JQ35-85CJ-FJ4P vulnerabilities
Vulnerabilities for packages: goreleaser, tekton-chains, bom, slsa-verifier, ctop, k3d, prometheus, skaffold, kubescape, kpt, scorecard, falco, paranoia, up, chartmuseum, k3s, cert-manager, tekton-pipelines, loki,...
7.5 AI Score
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: guac, fuse-overlayfs-snapshotter, goreleaser, melange, restic, tekton-chains, kyverno-policy-reporter, trust-manager, kine, prometheus-beat-exporter, slsa-verifier, kubernetes-csi-external-snapshotter, fulcio, kor, cfssl, external-dns, kuberay-operator,...
7.5 AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, fq, go-licenses, bom, kyverno-policy-reporter, kine, prometheus-beat-exporter, slsa-verifier, kubernetes-csi-external-snapshotter, kor, cfssl, newrelic-prometheus-configurator, external-dns, govulncheck, kuberay-operator,...
6.5 AI Score
0.0004 EPSS
GHSA-VVPX-J8F3-3W6H vulnerabilities
Vulnerabilities for packages: wireguard-go, falco, restic, k3d, grpcurl, go, dynamic-localpv-provisioner, hey,...
7.5 AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, melange, fq, restic, harbor-scanner-trivy, tekton-chains, bom, nri-consul, trust-manager, prometheus-beat-exporter, fulcio, external-dns, terragrunt, tflint, flux, gh, gke-gcloud-auth-plugin, kubernetes-dashboard, keda, velero,...
7 AI Score
0.0004 EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: guac, fuse-overlayfs-snapshotter, melange, harbor-scanner-trivy, tekton-chains, go, go-licenses, bom, trust-manager, prometheus-beat-exporter, aactl, fulcio, harbor-cli, cfssl, kubernetes-csi-external-snapshotter, newrelic-prometheus-configurator, external-dns,...
6.5 AI Score
0.0004 EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: goreleaser, mage, aws-flb-firehose, go-licenses, hey, slsa-verifier, kubernetes-dashboard-metrics-scraper, docker-credential-ecr-login, wait-for-port, cortex, ctop, protoc-gen-go-grpc, go-bindata, nsc, k3d, go-md2man, nats, gosu, sonobuoy, gke-gcloud-auth-plugin,...
8.2 AI Score
0.001 EPSS
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, bom, trust-manager, kubernetes-csi-external-snapshotter, aactl, external-dns, flux, prometheus, dynamic-localpv-provisioner, gke-gcloud-auth-plugin, weaviate, kubernetes-dashboard, keda, aws-efs-csi-driver,...
6.5 AI Score
0.001 EPSS
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: goreleaser, melange, fq, tekton-chains, go-licenses, bom, kyverno-policy-reporter, slsa-verifier, fulcio, cfssl, external-dns, terragrunt, gitlab-kas, flux, crossplane, prometheus, dynamic-localpv-provisioner, weaviate, kubescape, sops, kubernetes-dashboard,...
7 AI Score
0.962 EPSS
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: guac, goreleaser, crane, kubevela, kyverno, skopeo, tekton-chains, policy-controller, bom, slsa-verifier, traefik, cri-tools, ctop, vexctl, zarf, prometheus, nerdctl, skaffold, helm, kubescape, k8sgpt, scorecard, falco, gitlab-runner, docker-credential-gcr, filebeat,.....
7.8 AI Score
0.001 EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: guac, fuse-overlayfs-snapshotter, goreleaser, melange, restic, tekton-chains, kyverno-policy-reporter, trust-manager, kine, prometheus-beat-exporter, slsa-verifier, kubernetes-csi-external-snapshotter, fulcio, kor, cfssl, external-dns, kuberay-operator,...
6.7 AI Score
0.0004 EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, fq, go-licenses, bom, kyverno-policy-reporter, kine, prometheus-beat-exporter, slsa-verifier, kubernetes-csi-external-snapshotter, kor, cfssl, newrelic-prometheus-configurator, external-dns, govulncheck, kuberay-operator,...
6.5 AI Score
0.0004 EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, fq, go-licenses, bom, kyverno-policy-reporter, kine, prometheus-beat-exporter, slsa-verifier, kubernetes-csi-external-snapshotter, kor, cfssl, newrelic-prometheus-configurator, external-dns, govulncheck, kuberay-operator,...
7.5 AI Score
CVE-2023-45142 vulnerabilities
Vulnerabilities for packages: gitlab-kas, keda, thanos, kubevela, prometheus-adapter, prometheus, cert-manager, kubernetes, up, caddy, k3s, calico, ipfs,...
7.7 AI Score
0.001 EPSS
GHSA-RCJV-MGP8-QVMR vulnerabilities
Vulnerabilities for packages: gitlab-kas, keda, thanos, kubevela, prometheus-adapter, prometheus, cert-manager, kubernetes, up, caddy, k3s, calico, ipfs,...
7.5 AI Score
CVE-2022-41723 vulnerabilities
Vulnerabilities for packages: wireguard-go, falco, restic, k3d, grpcurl, go, dynamic-localpv-provisioner, hey,...
8.2 AI Score
0.02 EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: guac, fuse-overlayfs-snapshotter, melange, harbor-scanner-trivy, tekton-chains, go, go-licenses, bom, trust-manager, prometheus-beat-exporter, aactl, fulcio, harbor-cli, cfssl, kubernetes-csi-external-snapshotter, newrelic-prometheus-configurator, external-dns,...
7.5 AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, melange, fq, restic, harbor-scanner-trivy, tekton-chains, bom, nri-consul, trust-manager, prometheus-beat-exporter, fulcio, external-dns, terragrunt, tflint, flux, gh, gke-gcloud-auth-plugin, kubernetes-dashboard, keda, velero,...
7.5 AI Score
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: guac, fuse-overlayfs-snapshotter, melange, harbor-scanner-trivy, tekton-chains, go, go-licenses, bom, trust-manager, prometheus-beat-exporter, aactl, fulcio, harbor-cli, cfssl, kubernetes-csi-external-snapshotter, newrelic-prometheus-configurator, external-dns,...
7.5 AI Score
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, tekton-chains, go, bom, trust-manager, slsa-verifier, aactl, kubernetes-csi-external-snapshotter, external-dns, flux, prometheus, dynamic-localpv-provisioner, gke-gcloud-auth-plugin, weaviate, kubescape, kubernetes-dashboard,...
8.2 AI Score
0.002 EPSS
GHSA-C5Q2-7R4C-MV6G vulnerabilities
Vulnerabilities for packages: apko, guac, goreleaser, melange, cilium, kyverno, frp, skopeo, containerd, istio-operator, policy-controller, tekton-chains, vault, ko, slsa-verifier, oauth2-proxy, fulcio, terragrunt, vexctl, wolfictl, argo-cd, cloudflared, zarf, nerdctl, skaffold, grafana, weaviate,....
7.5 AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, fq, go-licenses, bom, kyverno-policy-reporter, kine, prometheus-beat-exporter, slsa-verifier, kubernetes-csi-external-snapshotter, kor, cfssl, newrelic-prometheus-configurator, external-dns, govulncheck, kuberay-operator,...
7.5 AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, fq, go-licenses, bom, kyverno-policy-reporter, kine, prometheus-beat-exporter, slsa-verifier, kubernetes-csi-external-snapshotter, kor, cfssl, newrelic-prometheus-configurator, external-dns, govulncheck, kuberay-operator,...
7.5 AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, fq, go-licenses, bom, kyverno-policy-reporter, kine, prometheus-beat-exporter, slsa-verifier, kubernetes-csi-external-snapshotter, kor, cfssl, newrelic-prometheus-configurator, external-dns, govulncheck, kuberay-operator,...
7.5 AI Score
GHSA-8PGV-569H-W5RW vulnerabilities
Vulnerabilities for packages: aws-ebs-csi-driver, temporal-server, keda, kyverno, kubevela, argo-cd, containerd, cert-manager, envoy-ratelimit, kubernetes, temporal, k3s, kine, docker-compose, kubescape, kubernetes-csi-external-resizer,...
7.5 AI Score
CVE-2023-47108 vulnerabilities
Vulnerabilities for packages: aws-ebs-csi-driver, temporal-server, keda, kyverno, kubevela, argo-cd, containerd, cert-manager, envoy-ratelimit, kubernetes, temporal, k3s, kine, docker-compose, kubescape, kubernetes-csi-external-resizer,...
7.7 AI Score
0.001 EPSS
CVE-2024-26147 vulnerabilities
Vulnerabilities for packages: trivy, cilium-cli, istio-operator, cert-manager, chartmuseum, flux-source-controller, helm-push, flux-helm-controller, helm-operator, k9s, eksctl, up, kots, zot, zarf, kubescape,...
7.7 AI Score
0.0004 EPSS
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: goreleaser, mage, aws-flb-firehose, go-licenses, hey, slsa-verifier, kubernetes-dashboard-metrics-scraper, docker-credential-ecr-login, wait-for-port, cortex, ctop, protoc-gen-go-grpc, go-bindata, nsc, k3d, go-md2man, nats, gosu, sonobuoy, gke-gcloud-auth-plugin,...
7.4 AI Score
0.001 EPSS
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: goreleaser, mage, aws-flb-firehose, go-licenses, hey, slsa-verifier, kubernetes-dashboard-metrics-scraper, docker-credential-ecr-login, wait-for-port, cortex, ctop, protoc-gen-go-grpc, go-bindata, nsc, k3d, go-md2man, nats, gosu, sonobuoy, gke-gcloud-auth-plugin,...
7.5 AI Score
GHSA-9F76-WG39-X86H vulnerabilities
Vulnerabilities for packages: goreleaser, mage, aws-flb-firehose, go-licenses, hey, slsa-verifier, kubernetes-dashboard-metrics-scraper, docker-credential-ecr-login, wait-for-port, cortex, ctop, protoc-gen-go-grpc, go-bindata, nsc, k3d, go-md2man, nats, gosu, sonobuoy, gke-gcloud-auth-plugin,...
7.5 AI Score
CVE-2024-28180 vulnerabilities
Vulnerabilities for packages: apko, guac, goreleaser, melange, cilium, kyverno, frp, skopeo, containerd, istio-operator, policy-controller, tekton-chains, vault, ko, slsa-verifier, oauth2-proxy, fulcio, terragrunt, vexctl, wolfictl, argo-cd, cloudflared, zarf, nerdctl, skaffold, grafana, weaviate,....
5 AI Score
0.0004 EPSS
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, bom, trust-manager, kubernetes-csi-external-snapshotter, aactl, external-dns, flux, prometheus, dynamic-localpv-provisioner, gke-gcloud-auth-plugin, weaviate, kubernetes-dashboard, keda, aws-efs-csi-driver,...
7.5 AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, tekton-chains, go, bom, trust-manager, slsa-verifier, aactl, kubernetes-csi-external-snapshotter, external-dns, flux, prometheus, dynamic-localpv-provisioner, gke-gcloud-auth-plugin, weaviate, kubescape, kubernetes-dashboard,...
7.5 AI Score
GHSA-45X7-PX36-X8W8 vulnerabilities
Vulnerabilities for packages: goreleaser, melange, fq, tekton-chains, go-licenses, bom, kyverno-policy-reporter, slsa-verifier, fulcio, cfssl, external-dns, terragrunt, gitlab-kas, flux, crossplane, prometheus, dynamic-localpv-provisioner, weaviate, kubescape, sops, kubernetes-dashboard,...
7.5 AI Score
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: goreleaser, pulumi-language-dotnet, kubevela, gitlab-pages, ko, slsa-verifier, calico, oauth2-proxy, cortex, external-dns, gatekeeper, argo-cd, k3d, terraform, prometheus-adapter, prometheus, dynamic-localpv-provisioner, envoy-ratelimit, pulumi-language-yaml, coredns,....
7.5 AI Score
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, bom, slsa-verifier, external-dns, prometheus, dynamic-localpv-provisioner, envoy-ratelimit, gke-gcloud-auth-plugin, weaviate, kubescape, keda, aws-efs-csi-driver, secrets-store-csi-driver-provider-gcp, grpcurl, conftest,...
7.5 AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, fq, go-licenses, bom, kyverno-policy-reporter, kine, prometheus-beat-exporter, slsa-verifier, kubernetes-csi-external-snapshotter, kor, cfssl, newrelic-prometheus-configurator, external-dns, govulncheck, kuberay-operator,...
6.5 AI Score
0.0004 EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, fq, go-licenses, bom, kyverno-policy-reporter, kine, prometheus-beat-exporter, slsa-verifier, kubernetes-csi-external-snapshotter, kor, cfssl, newrelic-prometheus-configurator, external-dns, govulncheck, kuberay-operator,...
6.5 AI Score
0.0004 EPSS
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: fuse-overlayfs-snapshotter, goreleaser, fq, go-licenses, bom, kyverno-policy-reporter, kine, prometheus-beat-exporter, slsa-verifier, kubernetes-csi-external-snapshotter, kor, cfssl, newrelic-prometheus-configurator, external-dns, govulncheck, kuberay-operator,...
7.5 AI Score
GHSA-V53G-5GJP-272R vulnerabilities
Vulnerabilities for packages: trivy, cilium-cli, istio-operator, cert-manager, chartmuseum, flux-source-controller, helm-push, flux-helm-controller, helm-operator, k9s, eksctl, up, kots, zot, zarf, kubescape,...
7.5 AI Score
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: guac, fuse-overlayfs-snapshotter, melange, harbor-scanner-trivy, tekton-chains, go, go-licenses, bom, trust-manager, prometheus-beat-exporter, aactl, fulcio, harbor-cli, cfssl, kubernetes-csi-external-snapshotter, newrelic-prometheus-configurator, external-dns,...
6.5 AI Score
0.0004 EPSS