F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, PEM, PSM Security Vulnerabilities and Issues — F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, PEM, PSM CVE List

ibm

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities listed herein. Vulnerability Details ** CVEID: CVE-2023-49569 DESCRIPTION: **go-git could allow a remote attacker to traverse directories on the system. By sending a specially crafted request using the...

9.8CVSS

10AI Score

EPSS

2024-06-26 09:20 AM

6

wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, falcoctl, nats, trillian, osv-scanner, step-ca, kaniko, aws-efs-csi-driver, thanos, kubernetes-csi-external-provisioner, capslock, k8sgpt, datadog-agent, kots, kubeadm-bootstrap-controller, spicedb, temporal-server,...

7.5AI Score

2024-06-26 09:08 AM

180

wolfi

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.8AI Score

0.0004EPSS

2024-06-26 09:08 AM

191

wolfi

CVE-2023-46402 vulnerabilities

Vulnerabilities for packages: melange, pulumi-kubernetes-operator, argo-cd, flux-notification-controller,...

7.5CVSS

7.7AI Score

0.0005EPSS

2024-06-26 09:08 AM

317

wolfi

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, ip-masq-agent, kubernetes, spark-operator, aws-ebs-csi-driver, cluster-autoscaler, node-feature-discovery, kubernetes-csi-driver-hostpath, local-static-provisioner, nodetaint,...

2.7CVSS

4.3AI Score

0.0004EPSS

2024-06-26 09:08 AM

75

wolfi

GHSA-X84C-P2G9-RQV9 vulnerabilities

Vulnerabilities for packages: harbor-scanner-trivy, docker, melange, k3d, prometheus, wolfictl, docker-compose, buf, grype, kaniko, neuvector-scanner, tekton-pipelines, syft, dagger, cri-tools, helm-push,...

7.5AI Score

2024-06-26 09:08 AM

65

wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: envoy-ratelimit, gobuster, nats, aws-efs-csi-driver, thanos, kots, kubernetes-csi-livenessprobe, external-dns, grype, ollama, pulumi-language-dotnet, tctl, metacontroller, tomcat, vault-csi-provider, prometheus, up, gitlab-runner, telegraf,...

7.5CVSS

9AI Score

0.732EPSS

2024-06-26 09:08 AM

608

wolfi

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: kubescape, cosign, dex, vexctl, cert-manager, rekor, tekton-pipelines, slsa-verifier, sops, tkn, argo-workflows, oauth2-proxy, kots, terragrunt, spire-server, argo-cd, aactl, kyverno, tekton-chains, external-secrets-operator, gitsign, cloudflared, fulcio,...

7.5AI Score

2024-06-26 09:08 AM

346

wolfi

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: docker, kubescape, ingress-nginx-controller, kaniko, newrelic-infrastructure-agent, datadog-agent, nvidia-device-plugin, kots, k3s, buildkitd, grype, nerdctl, zarf, runc, trivy, skopeo, wolfictl, telegraf, ctop, syft, k9s, skaffold, k3d, kubernetes, cadvisor,...

8.6CVSS

9.2AI Score

0.051EPSS

2024-06-26 09:08 AM

293

wolfi

GHSA-7WW5-4WQC-M92C vulnerabilities

Vulnerabilities for packages: kubescape, helm, cert-manager, kaniko, tekton-pipelines, newrelic-infrastructure-agent, fuse-overlayfs-snapshotter, helm-push, kots, eksctl, gitness, grype, trivy, melange, up, telegraf, ctop, neuvector-agent, skaffold, cilium-cli, k3d, flux-source-controller, zot,...

7.5AI Score

2024-06-26 09:08 AM

222

wolfi

CVE-2024-25620 vulnerabilities

Vulnerabilities for packages: eksctl, cilium-cli, kubescape, up, cert-manager, k9s, flux-source-controller, istio-operator, trivy, zot, zarf, k8sgpt, helm-operator, flux-helm-controller, helm-push, kots,...

6.4CVSS

6.7AI Score

0.0004EPSS

2024-06-26 09:08 AM

102

wolfi

GHSA-R53H-JV2G-VPX6 vulnerabilities

Vulnerabilities for packages: eksctl, cilium-cli, kubescape, up, cert-manager, k9s, flux-source-controller, istio-operator, trivy, zot, zarf, k8sgpt, helm-operator, flux-helm-controller, helm-push, kots,...

7.5AI Score

2024-06-26 09:08 AM

100

wolfi

GHSA-888H-RM2R-VRC7 vulnerabilities

Vulnerabilities for packages: kind, policy-controller,...

7.5AI Score

2024-06-26 09:08 AM

85

wolfi

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: kubescape, falcoctl, vexctl, tkn, slsa-verifier, policy-controller, spire-server, aactl, neuvector-sigstore-interface, zarf, goreleaser, tekton-chains, gitsign, melange, wolfictl, apko, skaffold, flux-source-controller, falco, zot,...

7.5AI Score

2024-06-26 09:08 AM

88

wolfi

CVE-2024-6104 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, cosign, falcoctl, kubescape, influxd, terraform, loki, step-ca, vexctl, flux, cert-manager, gomplate, bank-vaults, rekor, slsa-verifier, sops, tekton-pipelines, guac, tkn, snyk-cli, k3s, opentofu, policy-controller, buildkitd, spire-server,.....

6CVSS

6.2AI Score

0.0004EPSS

2024-06-26 09:08 AM

4

wolfi

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, nri-jmx, xcaddy, kaniko, capslock, nri-consul, snyk-cli, spicedb, velero-plugin-for-aws, ollama, kube-vip, timestamp-authority, pulumi-language-dotnet, runc, vault-csi-provider, trivy, nats-server, telegraf, supercronic, nri-nginx,....

5.5CVSS

6.1AI Score

0.0004EPSS

2024-06-26 09:08 AM

24

wolfi

GHSA-V6V8-XJ6M-XWQH vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, cosign, falcoctl, kubescape, influxd, terraform, loki, step-ca, vexctl, flux, cert-manager, gomplate, bank-vaults, rekor, slsa-verifier, sops, tekton-pipelines, guac, tkn, snyk-cli, k3s, opentofu, policy-controller, buildkitd, spire-server,.....

7.5AI Score

2024-06-26 09:08 AM

wolfi

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: gobuster, nats, dgraph, render-template, flannel-cni-plugin, sbom-scorecard, gitlab-logger, slsa-verifier, gosu, prometheus-stackdriver-exporter, sops, cni-plugins, gke-gcloud-auth-plugin, gops, helm-push, cortex, docker-cli, sonobuoy, aactl, wait-for-port,...

7.5CVSS

7.9AI Score

0.001EPSS

2024-06-26 09:08 AM

59

wolfi

CVE-2024-32473 vulnerabilities

Vulnerabilities for packages: harbor-scanner-trivy, docker, melange, k3d, prometheus, wolfictl, docker-compose, buf, grype, kaniko, neuvector-scanner, tekton-pipelines, syft, dagger, cri-tools, helm-push,...

4.7CVSS

4.9AI Score

0.0004EPSS

2024-06-26 09:08 AM

8

wolfi

CVE-2023-29403 vulnerabilities

Vulnerabilities for packages: kind, policy-controller,...

7.8CVSS

9.2AI Score

0.001EPSS

2024-06-26 09:08 AM

15

wolfi

GHSA-F2CJ-5636-4J38 vulnerabilities

Vulnerabilities for packages: kind, policy-controller,...

7.5AI Score

2024-06-26 09:08 AM

7

wolfi

GHSA-RXX3-4978-3CC9 vulnerabilities

Vulnerabilities for packages: kind, policy-controller,...

7.5AI Score

2024-06-26 09:08 AM

5

wolfi

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, nri-jmx, xcaddy, kaniko, capslock, nri-consul, spicedb, temporal-server, velero-plugin-for-aws, ollama, timestamp-authority, pulumi-language-dotnet, hubble, runc, vault-csi-provider, trivy, nats-server, telegraf, supercronic,...

6.8AI Score

0.0004EPSS

2024-06-26 09:08 AM

58

wolfi

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, trillian, osv-scanner, step-ca, logstash, flyte, aws-efs-csi-driver, thanos, go, gosu, capslock, jitsucom-bulker, k8sgpt, kubernetes-csi-external-provisioner, local-static-provisioner, dask-gateway, snyk-cli, helm-push,...

6.5AI Score

0.0004EPSS

2024-06-26 09:08 AM

20

wolfi

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, trillian, osv-scanner, step-ca, logstash, flyte, aws-efs-csi-driver, thanos, go, gosu, capslock, jitsucom-bulker, k8sgpt, kubernetes-csi-external-provisioner, local-static-provisioner, dask-gateway, snyk-cli, helm-push,...

7.5AI Score

2024-06-26 09:08 AM

16

wolfi

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, gobuster, falcoctl, trillian, aws-efs-csi-driver, thanos, kubernetes-csi-external-provisioner, k8sgpt, kots, kubernetes-csi-livenessprobe, prometheus-statsd-exporter, external-dns, ollama, aws-ebs-csi-driver, pulumi-language-dotnet,...

6.1CVSS

7.3AI Score

0.001EPSS

2024-06-26 09:08 AM

94

wolfi

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: kubescape, cosign, falcoctl, loki, helm, vexctl, cert-manager, tekton-pipelines, newrelic-infrastructure-agent, slsa-verifier, cri-tools, guac, k8sgpt, argo-workflows, flux-image-reflector-controller, datadog-agent, kots, k3s, policy-controller, buildkitd, eksctl,...

7.8CVSS

7.5AI Score

0.001EPSS

2024-06-26 09:08 AM

29

wolfi

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.8AI Score

0.0004EPSS

2024-06-26 09:08 AM

42

wolfi

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.5AI Score

2024-06-26 09:08 AM

28

wolfi

CVE-2024-35255 vulnerabilities

Vulnerabilities for packages: kubescape, cosign, falcoctl, loki, step-ca, flux, cert-manager, flyte, bank-vaults, harbor-registry, rekor, sops, tekton-pipelines, guac, thanos, k8sgpt, argo-workflows, tkn, terragrunt, boring-registry, policy-controller, buildkitd, airflow, spire-server, cortex,...

5.5CVSS

6AI Score

0.0004EPSS

2024-06-26 09:08 AM

13

wolfi

GHSA-M5VV-6R4H-3VJ9 vulnerabilities

Vulnerabilities for packages: kubescape, cosign, falcoctl, loki, step-ca, flux, cert-manager, flyte, bank-vaults, harbor-registry, rekor, sops, tekton-pipelines, guac, thanos, k8sgpt, argo-workflows, tkn, terragrunt, boring-registry, policy-controller, buildkitd, airflow, spire-server, cortex,...

7.5AI Score

2024-06-26 09:08 AM

7

wolfi

GHSA-3F2Q-6294-FMQ5 vulnerabilities

Vulnerabilities for packages: melange, pulumi-kubernetes-operator, argo-cd, flux-notification-controller,...

7.5AI Score

2024-06-26 09:08 AM

26

wolfi

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, gobuster, falcoctl, nats, trillian, step-ca, thanos, helm-push, kots, temporal-server, prometheus-statsd-exporter, external-dns, grype, ollama, nerdctl, crossplane-provider-aws, tekton-chains, vault-csi-provider, trivy, prometheus, up,...

5.9CVSS

7.1AI Score

0.963EPSS

2024-06-26 09:08 AM

134

wolfi

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, falcoctl, nats, trillian, osv-scanner, step-ca, kaniko, aws-efs-csi-driver, thanos, kubernetes-csi-external-provisioner, capslock, k8sgpt, datadog-agent, kots, kubeadm-bootstrap-controller, spicedb, temporal-server,...

6.7AI Score

0.0004EPSS

2024-06-26 09:08 AM

30

wolfi

GHSA-88JX-383Q-W4QC vulnerabilities

Vulnerabilities for packages: kubescape, falcoctl, vexctl, tkn, slsa-verifier, policy-controller, spire-server, aactl, neuvector-sigstore-interface, zarf, goreleaser, tekton-chains, gitsign, melange, wolfictl, apko, skaffold, flux-source-controller, falco, zot,...

7.5AI Score

2024-06-26 09:08 AM

14

wolfi

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, nri-jmx, xcaddy, kaniko, capslock, nri-consul, spicedb, temporal-server, velero-plugin-for-aws, ollama, timestamp-authority, pulumi-language-dotnet, hubble, runc, vault-csi-provider, trivy, nats-server, telegraf, supercronic,...

7.5AI Score

2024-06-26 09:08 AM

20

wolfi

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, trillian, osv-scanner, step-ca, logstash, flyte, aws-efs-csi-driver, thanos, go, gosu, capslock, jitsucom-bulker, k8sgpt, kubernetes-csi-external-provisioner, local-static-provisioner, dask-gateway, snyk-cli, helm-push,...

7.5AI Score

2024-06-26 09:08 AM

21

wolfi

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, nri-jmx, xcaddy, kaniko, capslock, nri-consul, snyk-cli, spicedb, velero-plugin-for-aws, ollama, kube-vip, timestamp-authority, pulumi-language-dotnet, runc, vault-csi-provider, trivy, nats-server, telegraf, supercronic, nri-nginx,....

9.8CVSS

9.8AI Score

0.001EPSS

2024-06-26 09:08 AM

49

wolfi

CVE-2023-46737 vulnerabilities

Vulnerabilities for packages: melange, kubescape, cosign, tekton-chains, aactl, apko, tkn, slsa-verifier, goreleaser, spire-server, falco, skaffold, policy-controller,...

5.3CVSS

5.1AI Score

0.0005EPSS

2024-06-26 09:08 AM

15

wolfi

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, gobuster, falcoctl, nats, trillian, aws-efs-csi-driver, thanos, go, kubernetes-csi-external-provisioner, k8sgpt, kots, kubernetes-csi-livenessprobe, prometheus-statsd-exporter, external-dns, ollama, aws-ebs-csi-driver,...

7.5CVSS

8.4AI Score

0.002EPSS

2024-06-26 09:08 AM

49

wolfi

GHSA-C5Q2-7R4C-MV6G vulnerabilities

Vulnerabilities for packages: cosign, dex, falcoctl, dgraph, step-ca, vexctl, gomplate, cert-manager, rekor, tekton-pipelines, slsa-verifier, tkn, frp, guac, argo-workflows, istio-cni, oauth2-proxy, terragrunt, policy-controller, grpc-health-probe, spire-server, minio, step, argo-cd, aactl,...

7.5AI Score

2024-06-26 09:08 AM

26

wolfi

GHSA-VFP6-JRW2-99G9 vulnerabilities

Vulnerabilities for packages: melange, kubescape, cosign, tekton-chains, aactl, apko, tkn, slsa-verifier, goreleaser, spire-server, falco, skaffold, policy-controller,...

7.5AI Score

2024-06-26 09:08 AM

11

wolfi

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.5AI Score

2024-06-26 09:08 AM

22

wolfi

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.5AI Score

2024-06-26 09:08 AM

24

wolfi

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.5AI Score

2024-06-26 09:08 AM

21

wolfi

GHSA-9763-4F94-GFCH vulnerabilities

Vulnerabilities for packages: kubescape, cosign, vexctl, flux, kaniko, tkn, slsa-verifier, sops, terragrunt, boring-registry, policy-controller, spire-server, gitness, argo-cd, aactl, pulumi-language-java, pulumi-language-dotnet, zarf, goreleaser, pulumi, crossplane-provider-aws, tekton-chains,...

7.5AI Score

2024-06-26 09:08 AM

43

wolfi

CVE-2023-5528 vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, ip-masq-agent, spark-operator, aws-ebs-csi-driver, aws-efs-csi-driver, cluster-autoscaler, prometheus-adapter, nodetaint,...

8.8CVSS

8.1AI Score

0.001EPSS

2024-06-26 09:08 AM

34

wolfi

GHSA-HQ6Q-C2X6-HMCH vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, ip-masq-agent, spark-operator, aws-ebs-csi-driver, aws-efs-csi-driver, cluster-autoscaler, prometheus-adapter, nodetaint,...

7.5AI Score

2024-06-26 09:08 AM

12

wolfi

CVE-2024-26147 vulnerabilities

Vulnerabilities for packages: eksctl, cilium-cli, kubescape, up, cert-manager, k9s, flux-source-controller, istio-operator, trivy, zot, zarf, k8sgpt, helm-operator, flux-helm-controller, helm-push, kots,...

7.5CVSS

7.7AI Score

0.0004EPSS

2024-06-26 09:08 AM

8

wolfi

CVE-2023-29405 vulnerabilities

Vulnerabilities for packages: kind, policy-controller,...

9.8CVSS

9.9AI Score

0.005EPSS

2024-06-26 09:08 AM

11