FileBird – WordPress Media Library Folders & File Manager Security Vulnerabilities

Exploit for Improper Preservation of Permissions in Mobyproject Moby

CVE-2021-41091 This exploit offers an in-depth look at the...

CVE-2024-6104 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, fulcio, opentofu, buildkitd, kyverno, terraform, terragrunt, cosign, grafana-mimir, loki, tekton-pipelines, kubernetes-event-exporter, spire-server, kubevela, external-dns, k3d, rekor, rabbitmq-messaging-topology-operator, gitlab-kas,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: opentofu, buildkitd, prometheus-bind-exporter, terraform, kots, metacontroller, kpt, nginx-mainline, conftest, external-dns, pulumi-language-dotnet, flux-source-controller, tomcat, amass, istio-envoy, mc, aws-efs-csi-driver, kubernetes-csi-external-attacher,...

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: fulcio, kyverno, oauth2-proxy, terragrunt, cosign, external-secrets-operator, kots, tekton-pipelines, cilium-envoy, spire-server, dex, rekor, vault, flux-source-controller, argo-cd, kubescape, sops, traefik, cloudflared, gitsign, vexctl, tekton-chains, cert-manager,...

GHSA-JQ35-85CJ-FJ4P vulnerabilities

Vulnerabilities for packages: bom, loki, tekton-pipelines, chartmuseum, kpt, k3d, kubescape, paranoia, skaffold, up, goreleaser, tekton-chains, k3s, cert-manager, aactl, falco, ctop, slsa-verifier, scorecard,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: fulcio, filebeat, opentofu, buildkitd, prometheus-bind-exporter, terraform, timoni, kots, gcsfuse, karpenter, metacontroller, kpt, conftest, prometheus-pushgateway, external-dns, pulumi-language-dotnet, rclone, rekor, doppler-kubernetes-operator,...

GHSA-7WW5-4WQC-M92C vulnerabilities

Vulnerabilities for packages: cilium-cli, grype, kots, eksctl, tekton-pipelines, gitness, neuvector-agent, kubevela, k3d, flux-source-controller, kubescape, trivy, skaffold, up, telegraf, flux-helm-controller, melange, kaniko, cert-manager, helm-push, helm, newrelic-infrastructure-agent, ctop,...

CVE-2024-25620 vulnerabilities

Vulnerabilities for packages: trivy, cilium-cli, helm-operator, k8sgpt, up, zarf, k9s, istio-operator, flux-source-controller, kubescape, kots, flux-helm-controller, eksctl, zot, cert-manager, chartmuseum,...

GHSA-R53H-JV2G-VPX6 vulnerabilities

Vulnerabilities for packages: trivy, cilium-cli, helm-operator, k8sgpt, up, zarf, k9s, istio-operator, flux-source-controller, kubescape, kots, flux-helm-controller, eksctl, zot, cert-manager, chartmuseum,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: harbor-registry, timoni, docker-cli, minify, mods, sbom-scorecard, dockerize, paranoia, kube-bench, neuvector-sigstore-interface, prometheus-postgres-exporter, spegel, tekton-chains, thanos, nvidia-device-plugin, aactl, cadvisor, tkn, certificate-transparency,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: gops, fulcio, harbor-registry, grafana-rollout-operator, buildkitd, prometheus-bind-exporter, vt-cli, shfmt, timoni, mods, karpenter, metacontroller, dask-gateway, kpt, conftest, mage, external-dns, pulumi-language-dotnet, rclone, rekor, mongo-tools,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: gops, fulcio, harbor-registry, grafana-rollout-operator, buildkitd, prometheus-bind-exporter, vt-cli, shfmt, timoni, mods, karpenter, metacontroller, dask-gateway, kpt, conftest, mage, external-dns, pulumi-language-dotnet, rclone, rekor, mongo-tools,...

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: harbor-registry, timoni, minify, mods, sbom-scorecard, opa, dockerize, paranoia, kube-bench, neuvector-sigstore-interface, wgcf, prometheus-postgres-exporter, spegel, tekton-chains, thanos, nvidia-device-plugin, octo-sts, aactl, kube-vip, cadvisor, age, tkn,...

GHSA-V6V8-XJ6M-XWQH vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, fulcio, opentofu, buildkitd, kyverno, terraform, terragrunt, cosign, grafana-mimir, loki, tekton-pipelines, kubernetes-event-exporter, spire-server, kubevela, external-dns, k3d, rekor, rabbitmq-messaging-topology-operator, gitlab-kas,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: gops, cortex, cass-operator, wait-for-port, gke-gcloud-auth-plugin, gitlab-logger, prometheus-bind-exporter, render-template, docker-cli, nats, nsc, aws-flb-cloudwatch, sonobuoy, vertical-pod-autoscaler, cilium-envoy, go-bindata, mage, k3d, sbom-scorecard,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: opentofu, buildkitd, prometheus-bind-exporter, terraform, timoni, kots, karpenter, metacontroller, kpt, prometheus-pushgateway, external-dns, pulumi-language-dotnet, flux-source-controller, prometheus-operator, mc, aws-efs-csi-driver, kubernetes-csi-external-attacher,....

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: fulcio, opentofu, buildkitd, prometheus-bind-exporter, terraform, libssh, kots, conftest, external-dns, rekor, mongo-tools, flux-source-controller, dockerize, nri-mssql, amass, terraform-docs, secrets-store-csi-driver, telegraf, prometheus-postgres-exporter, melange,.....

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: bom, filebeat, dagger, buildkitd, kyverno, k9s, cosign, timoni, loki, kots, eksctl, crane, tekton-pipelines, docker-credential-gcr, kubevela, kubescape, traefik, trivy, zarf, k8sgpt, skaffold, up, guac, gitsign, telegraf, vexctl, goreleaser, tekton-chains,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: fulcio, filebeat, opentofu, buildkitd, prometheus-bind-exporter, terraform, timoni, kots, gcsfuse, karpenter, metacontroller, kpt, conftest, prometheus-pushgateway, external-dns, pulumi-language-dotnet, rclone, rekor, doppler-kubernetes-operator,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...

CVE-2024-35255 vulnerabilities

Vulnerabilities for packages: cortex, fulcio, filebeat, harbor-registry, buildkitd, grafana, kyverno, step, terragrunt, cosign, external-secrets-operator, grafana-mimir, loki, tekton-pipelines, tempo, spire-server, external-dns, rclone, rekor, flux-source-controller, kubescape,...

GHSA-M5VV-6R4H-3VJ9 vulnerabilities

Vulnerabilities for packages: cortex, fulcio, filebeat, harbor-registry, buildkitd, grafana, kyverno, step, terragrunt, cosign, external-secrets-operator, grafana-mimir, loki, tekton-pipelines, tempo, spire-server, external-dns, rclone, rekor, flux-source-controller, kubescape,...

CVE-2023-45142 vulnerabilities

Vulnerabilities for packages: calico, gatekeeper, kubevela, caddy, ipfs, keda, up, gitlab-kas, prometheus-adapter, prometheus, thanos, k3s, kubernetes,...

GHSA-RCJV-MGP8-QVMR vulnerabilities

Vulnerabilities for packages: calico, gatekeeper, kubevela, caddy, ipfs, keda, up, gitlab-kas, prometheus-adapter, prometheus, thanos, k3s, kubernetes,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: harbor-registry, timoni, docker-cli, minify, mods, sbom-scorecard, dockerize, paranoia, kube-bench, neuvector-sigstore-interface, prometheus-postgres-exporter, spegel, tekton-chains, thanos, nvidia-device-plugin, aactl, cadvisor, tkn, certificate-transparency,...

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: harbor-registry, timoni, minify, mods, sbom-scorecard, opa, dockerize, paranoia, kube-bench, neuvector-sigstore-interface, wgcf, prometheus-postgres-exporter, spegel, tekton-chains, thanos, nvidia-device-plugin, octo-sts, aactl, kube-vip, cadvisor, age, tkn,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: opentofu, buildkitd, prometheus-bind-exporter, terraform, timoni, kots, karpenter, metacontroller, kpt, prometheus-pushgateway, external-dns, pulumi-language-dotnet, flux-source-controller, prometheus-operator, amass, mc, aws-efs-csi-driver,...

GHSA-C5Q2-7R4C-MV6G vulnerabilities

Vulnerabilities for packages: fulcio, grafana, step, oauth2-proxy, grpc-health-probe, cosign, terragrunt, external-secrets-operator, tekton-pipelines, spire-server, dex, istio-cni, rekor, vault, rabbitmq-messaging-topology-operator, istio-operator, flux-source-controller, argo-cd, rook, minio,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...

CVE-2023-47108 vulnerabilities

Vulnerabilities for packages: envoy-ratelimit, containerd, cri-tools, k3s, docker-compose, kubevela, keda, kyverno, temporal, temporal-server, kubescape, argo-cd, kubernetes-csi-external-resizer, aws-ebs-csi-driver, kubernetes, cert-manager,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: gops, fulcio, harbor-registry, grafana-rollout-operator, buildkitd, prometheus-bind-exporter, vt-cli, shfmt, timoni, mods, karpenter, metacontroller, dask-gateway, kpt, conftest, mage, external-dns, pulumi-language-dotnet, rclone, rekor, mongo-tools,...

GHSA-8PGV-569H-W5RW vulnerabilities

Vulnerabilities for packages: envoy-ratelimit, containerd, cri-tools, k3s, docker-compose, kubevela, keda, kyverno, temporal, temporal-server, kubescape, argo-cd, kubernetes-csi-external-resizer, aws-ebs-csi-driver, kubernetes, cert-manager,...

CVE-2024-26147 vulnerabilities

Vulnerabilities for packages: trivy, cilium-cli, helm-operator, k8sgpt, up, zarf, k9s, istio-operator, flux-source-controller, kubescape, kots, flux-helm-controller, eksctl, zot, cert-manager, chartmuseum,...

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: harbor-registry, timoni, minify, mods, sbom-scorecard, opa, dockerize, paranoia, kube-bench, neuvector-sigstore-interface, wgcf, prometheus-postgres-exporter, spegel, tekton-chains, thanos, nvidia-device-plugin, octo-sts, aactl, kube-vip, cadvisor, age, tkn,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: gops, cortex, cass-operator, wait-for-port, gke-gcloud-auth-plugin, gitlab-logger, prometheus-bind-exporter, render-template, docker-cli, nats, nsc, aws-flb-cloudwatch, sonobuoy, vertical-pod-autoscaler, cilium-envoy, go-bindata, mage, k3d, sbom-scorecard,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: gops, cortex, cass-operator, wait-for-port, gke-gcloud-auth-plugin, gitlab-logger, prometheus-bind-exporter, render-template, docker-cli, nats, nsc, aws-flb-cloudwatch, sonobuoy, vertical-pod-autoscaler, cilium-envoy, go-bindata, mage, k3d, sbom-scorecard,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: gops, cortex, cass-operator, wait-for-port, gke-gcloud-auth-plugin, gitlab-logger, prometheus-bind-exporter, render-template, docker-cli, nats, nsc, aws-flb-cloudwatch, sonobuoy, vertical-pod-autoscaler, cilium-envoy, go-bindata, mage, k3d, sbom-scorecard,...

CVE-2024-28180 vulnerabilities

Vulnerabilities for packages: fulcio, grafana, step, oauth2-proxy, grpc-health-probe, cosign, terragrunt, external-secrets-operator, tekton-pipelines, spire-server, dex, istio-cni, rekor, vault, rabbitmq-messaging-topology-operator, istio-operator, flux-source-controller, argo-cd, rook, minio,...

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: fulcio, opentofu, buildkitd, prometheus-bind-exporter, terraform, libssh, kots, conftest, external-dns, rekor, mongo-tools, flux-source-controller, dockerize, nri-mssql, amass, terraform-docs, secrets-store-csi-driver, telegraf, prometheus-postgres-exporter, melange,.....

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: opentofu, buildkitd, prometheus-bind-exporter, terraform, timoni, kots, karpenter, metacontroller, kpt, prometheus-pushgateway, external-dns, pulumi-language-dotnet, flux-source-controller, prometheus-operator, mc, aws-efs-csi-driver, kubernetes-csi-external-attacher,....

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: opentofu, buildkitd, prometheus-bind-exporter, terraform, timoni, kots, karpenter, metacontroller, kpt, prometheus-pushgateway, external-dns, pulumi-language-dotnet, flux-source-controller, prometheus-operator, amass, mc, aws-efs-csi-driver,...

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: cortex, buildkitd, oauth2-proxy, pulumi-language-java, cosign, terraform, weaviate, grype, pulumi-language-yaml, kots, node-problem-detector, cilium-envoy, kubernetes-csi-node-driver-registrar, calico, conftest, kubevela, external-dns, dex, k3d, neuvector-agent,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: opentofu, buildkitd, prometheus-bind-exporter, terraform, kots, metacontroller, kpt, nginx-mainline, conftest, external-dns, pulumi-language-dotnet, flux-source-controller, tomcat, amass, istio-envoy, mc, aws-efs-csi-driver, kubernetes-csi-external-attacher,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...