BIG-IP, Enterprise Manager Security Vulnerabilities

Exploit for Deserialization of Untrusted Data in Clear Clearml

ClearML Exploit Script This repository contains a Python...

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: cloudflared, argo-cd, kyverno, gitsign, keda, cert-manager, argo-workflows, terragrunt, istio-pilot-discovery, kubescape, spire-server, vault, cilium-envoy, dex, sops, flux-kustomize-controller, traefik, fulcio, flux-source-controller, rekor, cosign, kots,...

GHSA-JQ35-85CJ-FJ4P vulnerabilities

Vulnerabilities for packages: bom, chartmuseum, prometheus, k3s, cert-manager, paranoia, kpt, ctop, k3d, kubescape, up, goreleaser, loki, falco, tekton-chains, aactl, slsa-verifier, tekton-pipelines, skaffold,...

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, node-feature-discovery, kubernetes-csi-driver-hostpath, aws-ebs-csi-driver, ip-masq-agent, cluster-autoscaler, calico, spark-operator, nodetaint, kubernetes,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: external-dns, dynamic-localpv-provisioner, argo-cd, thanos, terraform-provider-azurerm, helm, kpt, amass, grpcurl, fuse-overlayfs-snapshotter, coredns, hey, git-lfs, traefik, gatekeeper, pulumi-language-java, minio, hugo, vault-csi-provider, nri-prometheus, aactl,...

GHSA-7WW5-4WQC-M92C vulnerabilities

Vulnerabilities for packages: kubevela, gitness, newrelic-infrastructure-agent, cert-manager, helm, ctop, k3d, kubescape, melange, up, fuse-overlayfs-snapshotter, eksctl, zot, trivy, cilium-cli, flux-source-controller, kaniko, telegraf, kots, helm-push, tekton-pipelines, grype, neuvector-agent,...

CVE-2024-25620 vulnerabilities

Vulnerabilities for packages: k9s, kots, zot, trivy, helm-push, kubescape, cilium-cli, flux-source-controller, chartmuseum, helm-operator, k8sgpt, up, zarf, flux-helm-controller, cert-manager, istio-operator,...

GHSA-R53H-JV2G-VPX6 vulnerabilities

Vulnerabilities for packages: k9s, kots, zot, trivy, helm-push, kubescape, cilium-cli, flux-source-controller, chartmuseum, helm-operator, k8sgpt, up, zarf, flux-helm-controller, cert-manager, istio-operator,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, velero, thanos, kuberay-operator, terraform-provider-azurerm, argo-workflows, helm, kpt, ctop,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: nri-jmx, gobump, external-dns, kuberay-operator, fuse-overlayfs-snapshotter, direnv, kube-state-metrics, cri-tools, node-feature-discovery, flux-image-reflector-controller, fulcio, kube-rbac-proxy, cadvisor, prometheus-nats-exporter, shfmt, nri-memcached, kor,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: gobump, external-dns, extism, dynamic-localpv-provisioner, libnvidia-container, grafana-operator, dockerize, tigera-operator, thanos, hello-world-golang, helm, docker-credential-acr-env, docker-credential-gcr, kpt, src-fingerprint, ctop, grpcurl, kubebuilder, rclone,.....

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: nri-jmx, gobump, dagger, external-dns, kuberay-operator, neuvector-controller, fuse-overlayfs-snapshotter, direnv, kube-state-metrics, cri-tools, node-feature-discovery, flux-image-reflector-controller, fulcio, cadvisor, prometheus-nats-exporter, shfmt, nri-memcached,....

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: protoc-gen-go-grpc, vertical-pod-autoscaler, dgraph, gobuster, gitlab-logger, wait-for-port, aws-flb-kinesis, cortex, prometheus-bind-exporter, nsc, scorecard, ctop, amass, grpcurl, k3d, local-path-provisioner, nats, gke-gcloud-auth-plugin, ip-masq-agent, goreleaser,.....

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, external-dns, dynamic-localpv-provisioner, argo-cd, thanos, helm, kpt, grpcurl, kube-fluentd-operator, prometheus-operator, fuse-overlayfs-snapshotter, coredns, vault, hey, git-lfs, zot, kube-state-metrics,...

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, kyverno-policy-reporter, external-dns, dynamic-localpv-provisioner, tigera-operator, argo-cd, dockerize, thanos, terraform-provider-azurerm, argo-workflows, helm, docker-credential-acr-env, src-fingerprint, terragrunt, amass,...

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: kubevela, bom, datadog-agent, nerdctl, newrelic-infrastructure-agent, dagger, crane, prometheus, kyverno, gitsign, k3s, cert-manager, kubeflow-katib, argo-workflows, helm, k9s, scorecard, docker-credential-gcr, falcoctl, istio-pilot-agent, guac, ctop,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, velero, thanos, kuberay-operator, terraform-provider-azurerm, argo-workflows, helm, kpt, ctop,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...

CVE-2024-35255 vulnerabilities

Vulnerabilities for packages: restic, external-dns, step-ca, grafana-agent-operator, secrets-store-csi-driver-provider-azure, velero, prometheus, kyverno, keda, thanos, cert-manager, chezmoi, teleport, cortex, argo-workflows, rook, harbor-registry, falcoctl, fluent-bit-plugin-loki, ksops, guac,...

GHSA-M5VV-6R4H-3VJ9 vulnerabilities

Vulnerabilities for packages: restic, external-dns, step-ca, grafana-agent-operator, secrets-store-csi-driver-provider-azure, velero, prometheus, kyverno, keda, thanos, cert-manager, chezmoi, teleport, cortex, argo-workflows, rook, harbor-registry, falcoctl, fluent-bit-plugin-loki, ksops, guac,...

CVE-2023-45142 vulnerabilities

Vulnerabilities for packages: kubevela, gatekeeper, prometheus-adapter, up, gitlab-kas, calico, prometheus, k3s, keda, cert-manager, kubernetes, caddy, thanos,...

GHSA-RCJV-MGP8-QVMR vulnerabilities

Vulnerabilities for packages: kubevela, gatekeeper, prometheus-adapter, up, gitlab-kas, calico, prometheus, k3s, keda, cert-manager, kubernetes, caddy, thanos,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: gobump, external-dns, extism, dynamic-localpv-provisioner, libnvidia-container, grafana-operator, dockerize, tigera-operator, thanos, hello-world-golang, helm, docker-credential-acr-env, docker-credential-gcr, kpt, src-fingerprint, ctop, grpcurl, kubebuilder, rclone,.....

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: gobump, external-dns, extism, dynamic-localpv-provisioner, libnvidia-container, grafana-operator, dockerize, tigera-operator, thanos, hello-world-golang, helm, docker-credential-acr-env, docker-credential-gcr, kpt, src-fingerprint, ctop, grpcurl, kubebuilder, rclone,.....

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: nri-jmx, gobump, external-dns, kuberay-operator, fuse-overlayfs-snapshotter, direnv, kube-state-metrics, cri-tools, node-feature-discovery, flux-image-reflector-controller, fulcio, kube-rbac-proxy, cadvisor, prometheus-nats-exporter, shfmt, nri-memcached, kor,...

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: nri-jmx, gobump, dagger, external-dns, kuberay-operator, neuvector-controller, fuse-overlayfs-snapshotter, direnv, kube-state-metrics, cri-tools, node-feature-discovery, flux-image-reflector-controller, fulcio, cadvisor, prometheus-nats-exporter, shfmt, nri-memcached,....

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, external-dns, dynamic-localpv-provisioner, argo-cd, thanos, helm, kpt, amass, grpcurl, kube-fluentd-operator, prometheus-operator, fuse-overlayfs-snapshotter, coredns, vault, hey, git-lfs, zot, kube-state-metrics,...

GHSA-C5Q2-7R4C-MV6G vulnerabilities

Vulnerabilities for packages: nerdctl, cloudflared, frp, step-ca, istio-cni, argo-cd, kyverno, gitsign, keda, cert-manager, argo-workflows, rook, falcoctl, policy-controller, istio-pilot-agent, guac, terragrunt, istio-pilot-discovery, melange, wolfictl, grafana, ko, spire-server, goreleaser,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...

GHSA-8PGV-569H-W5RW vulnerabilities

Vulnerabilities for packages: temporal-server, kubevela, envoy-ratelimit, kubernetes-csi-external-resizer, temporal, cri-tools, kubescape, containerd, aws-ebs-csi-driver, argo-cd, docker-compose, k3s, keda, cert-manager, kubernetes, kyverno,...

CVE-2023-47108 vulnerabilities

Vulnerabilities for packages: temporal-server, kubevela, envoy-ratelimit, kubernetes-csi-external-resizer, temporal, cri-tools, kubescape, containerd, aws-ebs-csi-driver, argo-cd, docker-compose, k3s, keda, cert-manager, kubernetes, kyverno,...

CVE-2023-5528 vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, prometheus-adapter, aws-ebs-csi-driver, ip-masq-agent, cluster-autoscaler, aws-efs-csi-driver, calico, nodetaint,...

GHSA-HQ6Q-C2X6-HMCH vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, prometheus-adapter, aws-ebs-csi-driver, ip-masq-agent, cluster-autoscaler, aws-efs-csi-driver, calico, nodetaint,...

CVE-2024-26147 vulnerabilities

Vulnerabilities for packages: k9s, kots, zot, trivy, helm-push, kubescape, cilium-cli, flux-source-controller, chartmuseum, helm-operator, k8sgpt, up, zarf, flux-helm-controller, cert-manager, istio-operator,...

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: nri-jmx, gobump, dagger, external-dns, kuberay-operator, neuvector-controller, fuse-overlayfs-snapshotter, direnv, kube-state-metrics, cri-tools, node-feature-discovery, flux-image-reflector-controller, fulcio, cadvisor, prometheus-nats-exporter, shfmt, nri-memcached,....

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: protoc-gen-go-grpc, vertical-pod-autoscaler, dgraph, gobuster, gitlab-logger, wait-for-port, aws-flb-kinesis, cortex, prometheus-bind-exporter, nsc, scorecard, ctop, amass, grpcurl, k3d, local-path-provisioner, nats, gke-gcloud-auth-plugin, ip-masq-agent, goreleaser,.....

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: protoc-gen-go-grpc, vertical-pod-autoscaler, dgraph, gobuster, gitlab-logger, wait-for-port, aws-flb-kinesis, cortex, prometheus-bind-exporter, nsc, scorecard, ctop, amass, grpcurl, k3d, local-path-provisioner, nats, gke-gcloud-auth-plugin, ip-masq-agent, goreleaser,.....

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, external-dns, dynamic-localpv-provisioner, argo-cd, thanos, helm, kpt, amass, grpcurl, kube-fluentd-operator, prometheus-operator, fuse-overlayfs-snapshotter, coredns, vault, hey, git-lfs, zot, kube-state-metrics,...

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, kyverno-policy-reporter, external-dns, dynamic-localpv-provisioner, tigera-operator, argo-cd, dockerize, thanos, terraform-provider-azurerm, argo-workflows, helm, docker-credential-acr-env, src-fingerprint, terragrunt, amass,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, external-dns, dynamic-localpv-provisioner, argo-cd, thanos, helm, kpt, grpcurl, kube-fluentd-operator, prometheus-operator, fuse-overlayfs-snapshotter, coredns, vault, hey, git-lfs, zot, kube-state-metrics,...

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: node-problem-detector, kubevela, envoy-ratelimit, influxd, dgraph, external-dns, pulumi-kubernetes-operator, gitlab-pages, mc, dynamic-localpv-provisioner, argo-cd, cluster-autoscaler, aws-efs-csi-driver, prometheus, keda, kubeflow-katib, cert-manager, spark-operator,....

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: external-dns, dynamic-localpv-provisioner, argo-cd, thanos, terraform-provider-azurerm, helm, kpt, amass, grpcurl, fuse-overlayfs-snapshotter, coredns, hey, git-lfs, traefik, gatekeeper, pulumi-language-java, minio, hugo, vault-csi-provider, nri-prometheus, aactl,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...

GHSA-V53G-5GJP-272R vulnerabilities

Vulnerabilities for packages: k9s, kots, zot, trivy, helm-push, kubescape, cilium-cli, flux-source-controller, chartmuseum, helm-operator, k8sgpt, up, zarf, flux-helm-controller, cert-manager, istio-operator,...