BIG-IP (LTM, AAM, AFM, APM, ASM, Edge Gateway, GTM, PEM, WebAccelerator, WebSafe) Security Vulnerabilities
Vulnerabilities for packages: cluster-autoscaler, ip-masq-agent, kubernetes-csi-driver-hostpath, node-feature-discovery, aws-ebs-csi-driver, local-static-provisioner, kubernetes-dns-node-cache, kubernetes, calico, nodetaint, kubeflow-pipelines,...
3.8AI Score
0.0004EPSS
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: scorecard, ingress-nginx-controller, metacontroller, flux-kustomize-controller, up, calico, istio-envoy, influxd, gatekeeper, kubernetes-csi-livenessprobe, pulumi, gomplate, ko, pulumi-language-yaml, envoy-ratelimit, gitlab-shell, kubewatch, cert-manager, nats,...
8.7AI Score
0.72EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: scorecard, ingress-nginx-controller, metacontroller, prometheus-mysqld-exporter, prometheus-node-exporter, up, vault, bank-vaults, calico, rabbitmq-messaging-topology-operator, influxd, gatekeeper, influx, kube-fluentd-operator, smarter-device-manager, filebeat,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: nri-mongodb, scorecard, ingress-nginx-controller, prometheus-mysqld-exporter, prometheus-node-exporter, up, nats-server, go-md2man, calico, nri-memcached, gatekeeper, influx, cni-plugins, filebeat, smarter-device-manager, kubernetes-csi-livenessprobe,...
6.5AI Score
0.0004EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: scorecard, ingress-nginx-controller, metacontroller, prometheus-mysqld-exporter, prometheus-node-exporter, up, vault, bank-vaults, calico, rabbitmq-messaging-topology-operator, influxd, gatekeeper, influx, kube-fluentd-operator, smarter-device-manager, filebeat,...
6.6AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: nri-mongodb, scorecard, ingress-nginx-controller, prometheus-mysqld-exporter, prometheus-node-exporter, up, nats-server, go-md2man, calico, nri-memcached, gatekeeper, influx, cni-plugins, filebeat, smarter-device-manager, kubernetes-csi-livenessprobe,...
7.5AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: nri-mongodb, scorecard, ingress-nginx-controller, prometheus-mysqld-exporter, prometheus-node-exporter, up, nats-server, go-md2man, calico, nri-memcached, gatekeeper, influx, cni-plugins, filebeat, smarter-device-manager, kubernetes-csi-livenessprobe,...
6.5AI Score
0.0004EPSS
GHSA-H75V-3VVJ-5MFJ vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, confluent-docker-utils, reflex, superset,...
7.5AI Score
7.8AI Score
0.0004EPSS
7.5AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: scorecard, metacontroller, prometheus-mysqld-exporter, bank-vaults, gatekeeper, cni-plugins, node-feature-discovery, src-fingerprint, pulumi, datadog-agent, k3s, nri-discovery-kubernetes, pombump, ferretdb, kafka_exporter, ko, terragrunt, src, mc, neuvector-scanner,...
6.9AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: overmind, gostatsd, metacontroller, prometheus-mysqld-exporter, scorecard, flux-kustomize-controller, rabbitmq-default-user-credential-updater, nats-server, bank-vaults, go-md2man, croc, harbor, influx, smarter-device-manager, stern, kubernetes-csi-livenessprobe,...
7.5AI Score
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: overmind, gostatsd, metacontroller, prometheus-mysqld-exporter, scorecard, flux-kustomize-controller, rabbitmq-default-user-credential-updater, nats-server, bank-vaults, go-md2man, croc, harbor, influx, smarter-device-manager, stern, kubernetes-csi-livenessprobe,...
6.6AI Score
0.0004EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: dgraph, go-bindata, scorecard, go-md2man, go-licenses, k3d, petname, hey, influx, cni-plugins, cilium-envoy, smarter-device-manager, aws-flb-cloudwatch, cortex, ip-masq-agent, sbom-scorecard, gitlab-logger, sops, aws-flb-kinesis, amass, nri-discovery-kubernetes, oras,....
8.2AI Score
0.001EPSS
GHSA-JJG7-2V4V-X38H vulnerabilities
Vulnerabilities for packages: ggshield, kubeflow-jupyter-web-app, confluent-docker-utils, kubeflow-pipelines-visualization-server, az, kubeflow-katib, kubeflow-pipelines, py3-cassandra-medusa, k8s-sidecar, py3-idna,...
7.5AI Score
Vulnerabilities for packages: ggshield, kubeflow-jupyter-web-app, confluent-docker-utils, kubeflow-pipelines-visualization-server, az, kubeflow-katib, kubeflow-pipelines, py3-cassandra-medusa, k8s-sidecar, py3-idna,...
6.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: scorecard, metacontroller, prometheus-mysqld-exporter, bank-vaults, gatekeeper, cni-plugins, node-feature-discovery, src-fingerprint, pulumi, datadog-agent, k3s, nri-discovery-kubernetes, pombump, ferretdb, kafka_exporter, ko, terragrunt, src, mc, neuvector-scanner,...
7.5AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: nri-mongodb, scorecard, ingress-nginx-controller, prometheus-mysqld-exporter, prometheus-node-exporter, up, nats-server, go-md2man, calico, nri-memcached, gatekeeper, influx, cni-plugins, filebeat, smarter-device-manager, kubernetes-csi-livenessprobe,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: nri-mongodb, scorecard, ingress-nginx-controller, prometheus-mysqld-exporter, prometheus-node-exporter, up, nats-server, go-md2man, calico, nri-memcached, gatekeeper, influx, cni-plugins, filebeat, smarter-device-manager, kubernetes-csi-livenessprobe,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: nri-mongodb, scorecard, ingress-nginx-controller, prometheus-mysqld-exporter, prometheus-node-exporter, up, nats-server, go-md2man, calico, nri-memcached, gatekeeper, influx, cni-plugins, filebeat, smarter-device-manager, kubernetes-csi-livenessprobe,...
7.5AI Score
GHSA-HQ6Q-C2X6-HMCH vulnerabilities
Vulnerabilities for packages: cluster-autoscaler, ip-masq-agent, aws-ebs-csi-driver, aws-efs-csi-driver, kubernetes-dns-node-cache, calico, nodetaint, prometheus-adapter,...
7.5AI Score
Vulnerabilities for packages: cluster-autoscaler, ip-masq-agent, aws-ebs-csi-driver, aws-efs-csi-driver, kubernetes-dns-node-cache, calico, nodetaint, prometheus-adapter,...
8.9AI Score
0.001EPSS
CVE-2024-34064 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, confluent-docker-utils, reflex, superset,...
5.6AI Score
0.0004EPSS
6.4AI Score
0.0004EPSS
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: overmind, gostatsd, metacontroller, prometheus-mysqld-exporter, scorecard, flux-kustomize-controller, rabbitmq-default-user-credential-updater, nats-server, bank-vaults, go-md2man, croc, harbor, influx, smarter-device-manager, stern, kubernetes-csi-livenessprobe,...
7.5AI Score
7.5AI Score
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: dgraph, go-bindata, scorecard, go-md2man, go-licenses, k3d, petname, hey, influx, cni-plugins, cilium-envoy, smarter-device-manager, aws-flb-cloudwatch, cortex, ip-masq-agent, sbom-scorecard, gitlab-logger, sops, aws-flb-kinesis, amass, nri-discovery-kubernetes, oras,....
7.4AI Score
0.001EPSS
GHSA-9F76-WG39-X86H vulnerabilities
Vulnerabilities for packages: dgraph, go-bindata, scorecard, go-md2man, go-licenses, k3d, petname, hey, influx, cni-plugins, cilium-envoy, smarter-device-manager, aws-flb-cloudwatch, cortex, ip-masq-agent, sbom-scorecard, gitlab-logger, sops, aws-flb-kinesis, amass, nri-discovery-kubernetes, oras,....
7.5AI Score
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: dgraph, go-bindata, scorecard, go-md2man, go-licenses, k3d, petname, hey, influx, cni-plugins, cilium-envoy, smarter-device-manager, aws-flb-cloudwatch, cortex, ip-masq-agent, sbom-scorecard, gitlab-logger, sops, aws-flb-kinesis, amass, nri-discovery-kubernetes, oras,....
7.5AI Score
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: scorecard, ingress-nginx-controller, metacontroller, flux-kustomize-controller, up, calico, istio-envoy, influxd, gatekeeper, kubernetes-csi-livenessprobe, pulumi, gomplate, ko, pulumi-language-yaml, envoy-ratelimit, gitlab-shell, kubewatch, cert-manager, nats,...
7.5AI Score
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: nri-mongodb, scorecard, ingress-nginx-controller, prometheus-mysqld-exporter, prometheus-node-exporter, up, nats-server, go-md2man, calico, nri-memcached, gatekeeper, influx, cni-plugins, filebeat, smarter-device-manager, kubernetes-csi-livenessprobe,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: nri-mongodb, scorecard, ingress-nginx-controller, prometheus-mysqld-exporter, prometheus-node-exporter, up, nats-server, go-md2man, calico, nri-memcached, gatekeeper, influx, cni-plugins, filebeat, smarter-device-manager, kubernetes-csi-livenessprobe,...
6.5AI Score
0.0004EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: nri-mongodb, scorecard, ingress-nginx-controller, prometheus-mysqld-exporter, prometheus-node-exporter, up, nats-server, go-md2man, calico, nri-memcached, gatekeeper, influx, cni-plugins, filebeat, smarter-device-manager, kubernetes-csi-livenessprobe,...
6.5AI Score
0.0004EPSS
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: nri-mongodb, scorecard, ingress-nginx-controller, prometheus-mysqld-exporter, prometheus-node-exporter, up, nats-server, go-md2man, calico, nri-memcached, gatekeeper, influx, cni-plugins, filebeat, smarter-device-manager, kubernetes-csi-livenessprobe,...
6.5AI Score
0.0004EPSS
GHSA-PXHW-596R-RWQ5 vulnerabilities
Vulnerabilities for packages: cluster-autoscaler, ip-masq-agent, kubernetes-csi-driver-hostpath, node-feature-discovery, aws-ebs-csi-driver, local-static-provisioner, kubernetes-dns-node-cache, kubernetes, calico, nodetaint, kubeflow-pipelines,...
7.5AI Score
CVE-2023-43804 vulnerabilities
Vulnerabilities for packages: py3-urllib3, kubeflow-jupyter-web-app, dask-gateway, kube-downscaler, k8s-sidecar,...
8AI Score
0.001EPSS
GHSA-V845-JXX5-VC9F vulnerabilities
Vulnerabilities for packages: py3-urllib3, kubeflow-jupyter-web-app, dask-gateway, kube-downscaler, k8s-sidecar,...
7.5AI Score
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: overmind, gostatsd, metacontroller, prometheus-mysqld-exporter, scorecard, flux-kustomize-controller, rabbitmq-default-user-credential-updater, nats-server, bank-vaults, go-md2man, croc, harbor, influx, smarter-device-manager, stern, kubernetes-csi-livenessprobe,...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_enc_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_dec_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....
CVE-2024-35942 pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...
CVE-2024-35920 media: mediatek: vcodec: adding lock to protect decoder context list
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_dec_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....
CVE-2024-35919 media: mediatek: vcodec: adding lock to protect encoder context list
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_enc_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....
In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to emit_patch so it calculates the correct offset for the CALL instruction if x86_call_depth_emit_accounting emits code. Otherwise we will skip some...
In the Linux kernel, the following vulnerability has been resolved: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog() qdisc_tree_reduce_backlog() is called with the qdisc lock held, not RTNL. We must use qdisc_lookup_rcu() instead of qdisc_lookup() syzbot reported: WARNING: suspicious...
CVE-2022-3064 affecting package application-gateway-kubernetes-ingress 1.4.0-19
CVE-2022-3064 affecting package application-gateway-kubernetes-ingress 1.4.0-19. This CVE either no longer is or was never...
7.8AI Score
0.004EPSS
CVE-2021-4235 affecting package application-gateway-kubernetes-ingress 1.4.0-19
CVE-2021-4235 affecting package application-gateway-kubernetes-ingress 1.4.0-19. This CVE either no longer is or was never...
6.6AI Score
0.001EPSS
CVE-2023-44487 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-15. A patched version of the package is...
8.2AI Score
0.72EPSS
CVE-2024-35903 x86/bpf: Fix IP after emitting call depth accounting
In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to emit_patch so it calculates the correct offset for the CALL instruction if x86_call_depth_emit_accounting emits code. Otherwise we will skip some...