BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator Security Vulnerabilities

CVE-2024-36081

Westermo EDW-100 devices through 2024-05-03 allow an unauthenticated user to download a configuration file containing a cleartext password. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the...

CVE-2024-36080

Westermo EDW-100 devices through 2024-05-03 have a hidden root user account with a hardcoded password that cannot be changed. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the...

CVE-2024-36080

Westermo EDW-100 devices through 2024-05-03 have a hidden root user account with a hardcoded password that cannot be changed. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the...

CVE-2024-36081

Westermo EDW-100 devices through 2024-05-03 allow an unauthenticated user to download a configuration file containing a cleartext password. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the...

GHSA-622H-H2P8-743X vulnerabilities

Vulnerabilities for packages:...

CVE-2023-32188 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-46402 vulnerabilities

Vulnerabilities for packages: argo-workflows, argo-cd, pulumi-kubernetes-operator, melange,...

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler, ip-masq-agent, kubernetes-csi-driver-hostpath, node-feature-discovery, aws-ebs-csi-driver, local-static-provisioner, kubernetes-dns-node-cache, kubernetes, calico, nodetaint, kubeflow-pipelines,...

GHSA-X84C-P2G9-RQV9 vulnerabilities

Vulnerabilities for packages: helm-push, prometheus, docker-compose, dagger, buf, grype, syft, k3d, kaniko, tekton-pipelines, cri-tools, neuvector-scanner, docker, policy-controller, harbor-scanner-trivy, melange,...

GHSA-888H-RM2R-VRC7 vulnerabilities

Vulnerabilities for packages: falco, policy-controller,...

CVE-2023-5043 vulnerabilities

Vulnerabilities for packages:...

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: skaffold, zarf, tekton-chains, flux-source-controller, falcoctl, spire-server, wolfictl, ko, aactl, zot, apko, falco, kubescape, gitsign, tkn, goreleaser, policy-controller, slsa-verifier,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: scorecard, ingress-nginx-controller, metacontroller, flux-kustomize-controller, up, calico, istio-envoy, influxd, gatekeeper, kubernetes-csi-livenessprobe, pulumi, gomplate, ko, pulumi-language-yaml, envoy-ratelimit, gitlab-shell, kubewatch, cert-manager, nats,...

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: cosign, flux-kustomize-controller, kyverno, vault, keda, tekton-chains, external-secrets-operator, flux-source-controller, cilium-envoy, traefik, sops, tekton-pipelines, spire-server, aactl, terragrunt, cert-manager, vexctl, istio-pilot-discovery, dex, cloudflared,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: scorecard, ingress-nginx-controller, metacontroller, prometheus-mysqld-exporter, prometheus-node-exporter, up, vault, bank-vaults, calico, rabbitmq-messaging-topology-operator, influxd, gatekeeper, influx, kube-fluentd-operator, smarter-device-manager, filebeat,...

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: ingress-nginx-controller, skaffold, nvidia-device-plugin, k3d, zarf, k9s, docker, skopeo, cadvisor, datadog-agent, buildkitd, k3s, nerdctl, kaniko, newrelic-infrastructure-agent, telegraf, wolfictl, zot, ctop, kubescape, trivy, kubernetes, grype, syft, kots,...

GHSA-7WW5-4WQC-M92C vulnerabilities

Vulnerabilities for packages: skaffold, fuse-overlayfs-snapshotter, up, k3d, eksctl, flux-source-controller, gitness, helm, kaniko, newrelic-infrastructure-agent, tekton-pipelines, telegraf, cert-manager, zot, ctop, helm-push, kubescape, cilium-cli, trivy, grype, flux-helm-controller, kots,...

CVE-2024-25620 vulnerabilities

Vulnerabilities for packages: kubescape, k8sgpt, helm-operator, cilium-cli, up, k9s, trivy, chartmuseum, cert-manager, eksctl, zarf, flux-helm-controller, kots, zot, flux-source-controller, helm-push,...

GHSA-R53H-JV2G-VPX6 vulnerabilities

Vulnerabilities for packages: kubescape, k8sgpt, helm-operator, cilium-cli, up, k9s, trivy, chartmuseum, cert-manager, eksctl, zarf, flux-helm-controller, kots, zot, flux-source-controller, helm-push,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: nri-mongodb, scorecard, ingress-nginx-controller, prometheus-mysqld-exporter, prometheus-node-exporter, up, nats-server, go-md2man, calico, nri-memcached, gatekeeper, influx, cni-plugins, filebeat, smarter-device-manager, kubernetes-csi-livenessprobe,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: scorecard, metacontroller, prometheus-mysqld-exporter, bank-vaults, gatekeeper, cni-plugins, node-feature-discovery, src-fingerprint, pulumi, datadog-agent, k3s, nri-discovery-kubernetes, pombump, ferretdb, kafka_exporter, ko, terragrunt, src, mc, neuvector-scanner,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: overmind, gostatsd, metacontroller, prometheus-mysqld-exporter, scorecard, flux-kustomize-controller, rabbitmq-default-user-credential-updater, nats-server, bank-vaults, go-md2man, croc, harbor, influx, smarter-device-manager, stern, kubernetes-csi-livenessprobe,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: overmind, gostatsd, metacontroller, prometheus-mysqld-exporter, scorecard, flux-kustomize-controller, rabbitmq-default-user-credential-updater, nats-server, bank-vaults, go-md2man, croc, harbor, influx, smarter-device-manager, stern, kubernetes-csi-livenessprobe,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: dgraph, go-bindata, scorecard, go-md2man, go-licenses, k3d, petname, hey, influx, cni-plugins, cilium-envoy, smarter-device-manager, aws-flb-cloudwatch, cortex, ip-masq-agent, sbom-scorecard, gitlab-logger, sops, aws-flb-kinesis, amass, nri-discovery-kubernetes, oras,....

CVE-2024-32473 vulnerabilities

Vulnerabilities for packages: helm-push, prometheus, docker-compose, dagger, buf, grype, syft, k3d, kaniko, tekton-pipelines, cri-tools, neuvector-scanner, docker, policy-controller, harbor-scanner-trivy, melange,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: metacontroller, prometheus-mysqld-exporter, prometheus-node-exporter, flux-kustomize-controller, vault, bank-vaults, influxd, gatekeeper, kube-fluentd-operator, kubernetes-csi-livenessprobe, pulumi, crossplane-provider-azure, consul, k3s, prometheus-postgres-exporter,....

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: scorecard, prometheus-mysqld-exporter, prometheus-node-exporter, flux-kustomize-controller, up, nats-server, bank-vaults, vault, calico, influxd, gatekeeper, kube-fluentd-operator, src-fingerprint, pulumi, crossplane-provider-azure, consul, cadvisor, k3s, sops,...

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: scorecard, cosign, prometheus, skaffold, kyverno, up, eksctl, kargo, tekton-chains, zarf, k9s, filebeat, skopeo, traefik, bom, falcoctl, k8sgpt, pulumi, docker-credential-gcr, cadvisor, buildkitd, datadog-agent, k3s, nerdctl, helm, kubeflow-katib,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: scorecard, ingress-nginx-controller, metacontroller, prometheus-mysqld-exporter, prometheus-node-exporter, up, vault, bank-vaults, calico, rabbitmq-messaging-topology-operator, influxd, gatekeeper, influx, kube-fluentd-operator, smarter-device-manager, filebeat,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: nri-mongodb, scorecard, ingress-nginx-controller, prometheus-mysqld-exporter, prometheus-node-exporter, up, nats-server, go-md2man, calico, nri-memcached, gatekeeper, influx, cni-plugins, filebeat, smarter-device-manager, kubernetes-csi-livenessprobe,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: nri-mongodb, scorecard, ingress-nginx-controller, prometheus-mysqld-exporter, prometheus-node-exporter, up, nats-server, go-md2man, calico, nri-memcached, gatekeeper, influx, cni-plugins, filebeat, smarter-device-manager, kubernetes-csi-livenessprobe,...

GHSA-3F2Q-6294-FMQ5 vulnerabilities

Vulnerabilities for packages: argo-workflows, argo-cd, pulumi-kubernetes-operator, melange,...

GHSA-JJG7-2V4V-X38H vulnerabilities

Vulnerabilities for packages: ggshield, kubeflow-jupyter-web-app, confluent-docker-utils, kubeflow-pipelines-visualization-server, az, kubeflow-katib, kubeflow-pipelines, py3-cassandra-medusa, k8s-sidecar, py3-idna,...

CVE-2024-3651 vulnerabilities

Vulnerabilities for packages: ggshield, kubeflow-jupyter-web-app, confluent-docker-utils, kubeflow-pipelines-visualization-server, az, kubeflow-katib, kubeflow-pipelines, py3-cassandra-medusa, k8s-sidecar, py3-idna,...

GHSA-H75V-3VVJ-5MFJ vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, confluent-docker-utils, reflex, superset,...

CVE-2024-30251 vulnerabilities

Vulnerabilities for packages:...

GHSA-5M98-QGG9-WH84 vulnerabilities

Vulnerabilities for packages:...

GHSA-F2CJ-5636-4J38 vulnerabilities

Vulnerabilities for packages: falco, policy-controller,...

GHSA-RXX3-4978-3CC9 vulnerabilities

Vulnerabilities for packages: falco, policy-controller,...

CVE-2023-29403 vulnerabilities

Vulnerabilities for packages: falco, policy-controller,...

CVE-2024-26147 vulnerabilities

Vulnerabilities for packages: kubescape, k8sgpt, helm-operator, cilium-cli, up, k9s, trivy, chartmuseum, cert-manager, eksctl, zarf, flux-helm-controller, kots, zot, flux-source-controller, helm-push,...

CVE-2024-34064 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, confluent-docker-utils, reflex, superset,...

CVE-2024-27306 vulnerabilities

Vulnerabilities for packages: py3-cassandra-medusa,...

CVE-2023-29405 vulnerabilities

Vulnerabilities for packages: falco, policy-controller,...

GHSA-88JX-383Q-W4QC vulnerabilities

Vulnerabilities for packages: skaffold, zarf, tekton-chains, flux-source-controller, falcoctl, spire-server, wolfictl, ko, aactl, zot, apko, falco, kubescape, gitsign, tkn, goreleaser, policy-controller, slsa-verifier,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: scorecard, metacontroller, prometheus-mysqld-exporter, bank-vaults, gatekeeper, cni-plugins, node-feature-discovery, src-fingerprint, pulumi, datadog-agent, k3s, nri-discovery-kubernetes, pombump, ferretdb, kafka_exporter, ko, terragrunt, src, mc, neuvector-scanner,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: metacontroller, prometheus-mysqld-exporter, prometheus-node-exporter, flux-kustomize-controller, up, vault, bank-vaults, influxd, gatekeeper, kube-fluentd-operator, kubernetes-csi-livenessprobe, pulumi, crossplane-provider-azure, consul, k3s,...

GHSA-VFP6-JRW2-99G9 vulnerabilities

Vulnerabilities for packages: falco, ko, cosign, kubescape, skaffold, melange, aactl, tkn, tekton-chains, spire-server, policy-controller, slsa-verifier,...

CVE-2023-46737 vulnerabilities

Vulnerabilities for packages: falco, ko, cosign, kubescape, skaffold, melange, aactl, tkn, tekton-chains, spire-server, policy-controller, slsa-verifier,...

GHSA-C5Q2-7R4C-MV6G vulnerabilities

Vulnerabilities for packages: cosign, rook, skaffold, flux-kustomize-controller, kyverno, vault, bank-vaults, istio-cni, rabbitmq-messaging-topology-operator, kargo, keda, tekton-chains, external-secrets-operator, sigstore-scaffolding, zarf, flux-source-controller, skopeo, traefik, istio-operator,....