BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM Security Vulnerabilities

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: falcoctl, melange, tkn, skaffold, flux-source-controller, tekton-chains, zarf, gitsign, aactl, spire-server, goreleaser, kubescape, zot, policy-controller, wolfictl, neuvector-sigstore-interface, ko, apko, slsa-verifier, vexctl,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: helm, gomplate, pulumi-language-yaml, kyverno, kind, keda, cluster-autoscaler, fuse-overlayfs-snapshotter, aws-efs-csi-driver, secrets-store-csi-driver, oauth2-proxy, node-problem-detector, traefik, kubewatch, minio, kubevela, kots, conftest, kubescape,...

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: kyverno, cilium-envoy, fulcio, tkn, flux-source-controller, cosign, tekton-chains, keda, argo-workflows, istio-pilot-discovery, dex, oauth2-proxy, traefik, gitsign, aactl, external-secrets-operator, spire-server, kots, cert-manager, kubescape, sops, terragrunt,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, flannel, bank-vaults, etcd, kyverno, tflint, kubernetes-csi-driver-hostpath, nuclei, caddy, keda, cluster-autoscaler, nfs-subdir-external-provisioner, nerdctl, rabbitmq-cluster-operator, zarf,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

CVE-2023-46402 vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, flux-notification-controller, melange, argo-cd,...

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, local-static-provisioner, kubernetes, aws-ebs-csi-driver, ip-masq-agent, spark-operator, kubernetes-csi-driver-hostpath, nodetaint, calico, cluster-autoscaler,...

GHSA-X84C-P2G9-RQV9 vulnerabilities

Vulnerabilities for packages: harbor-scanner-trivy, neuvector-scanner, policy-controller, tekton-pipelines, k3d, helm-push, wolfictl, melange, cri-tools, grype, syft, prometheus, buf, kaniko, docker-compose, dagger,...

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: buildkitd, skaffold, runc, nerdctl, zarf, datadog-agent, grype, cadvisor, trivy, kaniko, k3d, kots, kubernetes, ctop, kubescape, nvidia-device-plugin, skopeo, zot, newrelic-infrastructure-agent, docker, wolfictl, k9s, k3s, telegraf, syft,...

GHSA-7WW5-4WQC-M92C vulnerabilities

Vulnerabilities for packages: helm, gitness, melange, skaffold, up, flux-source-controller, flux-helm-controller, fuse-overlayfs-snapshotter, eksctl, cilium-cli, grype, trivy, kaniko, kubevela, k3d, kots, cert-manager, ctop, kubescape, zot, newrelic-infrastructure-agent, tekton-pipelines,...

CVE-2024-25620 vulnerabilities

Vulnerabilities for packages: flux-helm-controller, zarf, k9s, eksctl, cert-manager, helm-push, kots, kubescape, chartmuseum, cilium-cli, zot, istio-operator, helm-operator, up, trivy, flux-source-controller,...

GHSA-R53H-JV2G-VPX6 vulnerabilities

Vulnerabilities for packages: flux-helm-controller, zarf, k9s, eksctl, cert-manager, helm-push, kots, kubescape, chartmuseum, cilium-cli, zot, istio-operator, helm-operator, up, trivy, flux-source-controller,...

GHSA-888H-RM2R-VRC7 vulnerabilities

Vulnerabilities for packages: falco, kind,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: helm, flannel, harbor, neuvector-scanner, flyte, aws-efs-csi-driver, kargo, go-md2man, node-problem-detector, kubewatch, cass-operator, harbor-registry, nri-redis, chartmuseum, nri-memcached, spqr, hubble-ui, ferretdb, prometheus-mongodb-exporter, oras, rekor,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, flannel, bank-vaults, etcd, kyverno, harbor, crane, kubernetes-csi-driver-hostpath, kind, pombump, caddy, kubebuilder, nfs-subdir-external-provisioner, multus-cni, neuvector-scanner, fuse-overlayfs-snapshotter,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, flannel, bank-vaults, etcd, kyverno, harbor, crane, kubernetes-csi-driver-hostpath, kind, pombump, caddy, kubebuilder, nfs-subdir-external-provisioner, multus-cni, neuvector-scanner, fuse-overlayfs-snapshotter,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, render-template, dgraph, gitlab-logger, cilium-envoy, prometheus-stackdriver-exporter, amass, smarter-device-manager, kind, gops, nats, cni-plugins, vertical-pod-autoscaler, go-licenses, metrics-server, go-md2man, ip-masq-agent,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, bank-vaults, kyverno, nfs-subdir-external-provisioner, keda, cluster-autoscaler, fuse-overlayfs-snapshotter, vertical-pod-autoscaler, aws-efs-csi-driver, secrets-store-csi-driver, oauth2-proxy,...

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: helm, gomplate, cloud-sql-proxy, bank-vaults, kyverno, caddy, nfs-subdir-external-provisioner, cluster-autoscaler, nerdctl, nri-mssql, secrets-store-csi-driver, oauth2-proxy, crossplane, node-problem-detector, traefik, kubewatch, flux-image-reflector-controller, kots,....

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: helm, buildkitd, falcoctl, kyverno, bom, crane, skaffold, up, cosign, filebeat, docker-credential-gcr, tekton-chains, argo-workflows, nerdctl, flux-helm-controller, zarf, istio-pilot-discovery, eksctl, kargo, datadog-agent, traefik, helm-operator, cadvisor, gitsign,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, flannel, bank-vaults, etcd, kyverno, tflint, kubernetes-csi-driver-hostpath, nuclei, caddy, keda, cluster-autoscaler, nfs-subdir-external-provisioner, nerdctl, rabbitmq-cluster-operator, zarf,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

GHSA-3F2Q-6294-FMQ5 vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, flux-notification-controller, melange, argo-cd,...

CVE-2023-29403 vulnerabilities

Vulnerabilities for packages: falco, kind,...

CVE-2024-32473 vulnerabilities

Vulnerabilities for packages: harbor-scanner-trivy, neuvector-scanner, policy-controller, tekton-pipelines, k3d, helm-push, wolfictl, melange, cri-tools, grype, syft, prometheus, buf, kaniko, docker-compose, dagger,...

GHSA-F2CJ-5636-4J38 vulnerabilities

Vulnerabilities for packages: falco, kind,...

GHSA-RXX3-4978-3CC9 vulnerabilities

Vulnerabilities for packages: falco, kind,...

GHSA-88JX-383Q-W4QC vulnerabilities

Vulnerabilities for packages: falcoctl, melange, tkn, skaffold, flux-source-controller, tekton-chains, zarf, gitsign, aactl, spire-server, goreleaser, kubescape, zot, policy-controller, wolfictl, neuvector-sigstore-interface, ko, apko, slsa-verifier, vexctl,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: helm, flannel, harbor, neuvector-scanner, flyte, aws-efs-csi-driver, kargo, go-md2man, node-problem-detector, kubewatch, cass-operator, harbor-registry, nri-redis, chartmuseum, nri-memcached, spqr, hubble-ui, ferretdb, prometheus-mongodb-exporter, oras, rekor,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, flannel, bank-vaults, etcd, kyverno, harbor, crane, kubernetes-csi-driver-hostpath, kind, pombump, caddy, kubebuilder, nfs-subdir-external-provisioner, multus-cni, neuvector-scanner, fuse-overlayfs-snapshotter,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, bank-vaults, kyverno, kind, caddy, keda, cluster-autoscaler, nfs-subdir-external-provisioner, fuse-overlayfs-snapshotter, vertical-pod-autoscaler, aws-efs-csi-driver, secrets-store-csi-driver, oauth2-proxy,.....

CVE-2023-46737 vulnerabilities

Vulnerabilities for packages: goreleaser, policy-controller, falco, kubescape, ko, apko, slsa-verifier, melange, tkn, skaffold, aactl, cosign, tekton-chains,...

GHSA-9763-4F94-GFCH vulnerabilities

Vulnerabilities for packages: pulumi-language-yaml, gitness, melange, tkn, skaffold, flux-source-controller, cosign, tekton-chains, keda, crossplane-provider-aws, zarf, actions-runner-controller, pulumi-kubernetes-operator, flux-notification-controller, crossplane, gitsign, pulumi-language-dotnet,....

GHSA-C5Q2-7R4C-MV6G vulnerabilities

Vulnerabilities for packages: step-ca, istio-cni, falcoctl, istio-operator, kyverno, fulcio, melange, tkn, skaffold, flux-source-controller, cosign, tekton-chains, keda, argo-workflows, nerdctl, cilium, zarf, istio-pilot-discovery, dex, kargo, rook, oauth2-proxy, gitsign, aactl, containerd,...

GHSA-VFP6-JRW2-99G9 vulnerabilities

Vulnerabilities for packages: goreleaser, policy-controller, falco, kubescape, ko, apko, slsa-verifier, melange, tkn, skaffold, aactl, cosign, tekton-chains,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

CVE-2023-5528 vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, aws-efs-csi-driver, aws-ebs-csi-driver, prometheus-adapter, ip-masq-agent, nodetaint, calico, cluster-autoscaler,...

GHSA-HQ6Q-C2X6-HMCH vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, aws-efs-csi-driver, aws-ebs-csi-driver, prometheus-adapter, ip-masq-agent, nodetaint, calico, cluster-autoscaler,...

CVE-2024-26147 vulnerabilities

Vulnerabilities for packages: flux-helm-controller, zarf, k9s, eksctl, cert-manager, helm-push, kots, kubescape, chartmuseum, cilium-cli, zot, istio-operator, helm-operator, up, trivy, flux-source-controller,...

CVE-2023-29405 vulnerabilities

Vulnerabilities for packages: falco, kind,...

CVE-2024-29903 vulnerabilities

Vulnerabilities for packages: falcoctl, melange, tkn, skaffold, flux-source-controller, tekton-chains, zarf, gitsign, aactl, spire-server, goreleaser, kubescape, zot, policy-controller, wolfictl, neuvector-sigstore-interface, ko, apko, slsa-verifier, vexctl,...

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: helm, gomplate, cloud-sql-proxy, bank-vaults, kyverno, caddy, nfs-subdir-external-provisioner, cluster-autoscaler, nerdctl, nri-mssql, secrets-store-csi-driver, oauth2-proxy, crossplane, node-problem-detector, traefik, kubewatch, flux-image-reflector-controller, kots,....

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: helm, buildkitd, pulumi-language-yaml, dgraph, cilium-envoy, prometheus-stackdriver-exporter, up, cosign, flux-source-controller, keda, gitlab-pages, flux-helm-controller, aws-efs-csi-driver, dex, dynamic-localpv-provisioner, pulumi-kubernetes-operator,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: helm, gomplate, pulumi-language-yaml, kyverno, kind, keda, cluster-autoscaler, fuse-overlayfs-snapshotter, aws-efs-csi-driver, secrets-store-csi-driver, oauth2-proxy, node-problem-detector, traefik, kubewatch, minio, kubevela, kots, conftest, kubescape,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...