Job Manager & Career Security Vulnerabilities

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: gitsign, cert-manager, cloudflared, vault, argo-cd, flux-kustomize-controller, slsa-verifier, keda, sops, oauth2-proxy, dex, kubescape, rekor, vexctl, spire-server, terragrunt, kots, aactl, cosign, fulcio, tekton-chains, cilium-envoy, traefik, kyverno,...

GHSA-JQ35-85CJ-FJ4P vulnerabilities

Vulnerabilities for packages: loki, paranoia, kpt, cert-manager, scorecard, k3d, bom, slsa-verifier, chartmuseum, kubescape, ctop, aactl, k3s, up, tekton-chains, prometheus, skaffold, goreleaser, falco,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: docker, kubeflow-katib, nvidia-device-plugin, flux, temporal-ui-server, kube-bench, nodetaint, secrets-store-csi-driver-provider-aws, secrets-store-csi-driver, gatekeeper, hugo, crossplane-provider-gcp, k3d, scorecard, envoy-ratelimit, ip-masq-agent, atlantis, keda,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, cni-plugins, kubeflow-katib, nvidia-device-plugin, flux, paranoia, nri-kafka, temporal-ui-server, docker-credential-ecr-login, kube-bench, regclient, nri-rabbitmq, nodetaint, secrets-store-csi-driver-provider-aws, gatekeeper, oras,...

GHSA-7WW5-4WQC-M92C vulnerabilities

Vulnerabilities for packages: gitness, helm-push, fuse-overlayfs-snapshotter, newrelic-infrastructure-agent, cert-manager, kaniko, telegraf, k3d, grype, zot, flux-helm-controller, kubescape, ctop, melange, kots, up, cilium-cli, skaffold, eksctl, helm, flux-source-controller, tekton-pipelines,...

CVE-2024-25620 vulnerabilities

Vulnerabilities for packages: cilium-cli, helm-operator, k9s, eksctl, k8sgpt, kots, helm-push, zot, up, cert-manager, flux-helm-controller, flux-source-controller, istio-operator, trivy, chartmuseum, zarf,...

GHSA-R53H-JV2G-VPX6 vulnerabilities

Vulnerabilities for packages: cilium-cli, helm-operator, k9s, eksctl, k8sgpt, kots, helm-push, zot, up, cert-manager, flux-helm-controller, flux-source-controller, istio-operator, trivy, chartmuseum, zarf,...

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: kubeflow-katib, nvidia-device-plugin, nodetaint, secrets-store-csi-driver, gatekeeper, hugo, scorecard, envoy-ratelimit, ip-masq-agent, atlantis, keda, opentofu, sigstore-scaffolding, flux-helm-controller, gitlab-shell, nginx-stable, haproxy-ingress,...

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: go-licenses, kubeflow-katib, flux, nri-kafka, temporal-ui-server, secrets-store-csi-driver, gatekeeper, hugo, scorecard, k3d, atlantis, opentofu, sigstore-scaffolding, crossplane-provider-azure, caddy, flux-helm-controller, gitlab-shell, rekor, kube-rbac-proxy,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: vt-cli, node-feature-discovery, cni-plugins, paranoia, gatekeeper, scorecard, crossplane-provider-gcp, k3d, keda, docker-credential-gcr, velero-plugin-for-csi, gitlab-shell, controller-gen, rekor, gobump, sonobuoy, temporal-server, gosu, eksctl, delve,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, flyte, node-feature-discovery, croc, overmind, nvidia-device-plugin, paranoia, docker-credential-ecr-login, kube-bench, regclient, secrets-store-csi-driver-provider-aws, secrets-store-csi-driver, oras, spegel, scorecard,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, flyte, node-feature-discovery, croc, overmind, nvidia-device-plugin, paranoia, docker-credential-ecr-login, kube-bench, regclient, secrets-store-csi-driver-provider-aws, secrets-store-csi-driver, oras, spegel, scorecard,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: gobuster, go-licenses, cni-plugins, vertical-pod-autoscaler, render-template, wait-for-port, aws-flb-firehose, local-path-provisioner, helm-push, petname, amass, docker-credential-ecr-login, prometheus-bind-exporter, oras, gke-gcloud-auth-plugin, mage, scorecard, k3d,....

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: kubeflow-katib, nvidia-device-plugin, flux, nodetaint, secrets-store-csi-driver, gatekeeper, hugo, k3d, opentofu, keda, sigstore-scaffolding, crossplane-provider-azure, chartmuseum, flux-helm-controller, haproxy-ingress, kube-fluentd-operator, memcached-exporter,...

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: gitsign, loki, k9s, kubeflow-katib, guac, k8sgpt, cri-tools, datadog-agent, newrelic-infrastructure-agent, cert-manager, dagger, telegraf, falcoctl, buildkitd, helm-operator, crane, scorecard, policy-controller, bom, filebeat, slsa-verifier, nerdctl, zot,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: docker, kubeflow-katib, nvidia-device-plugin, flux, temporal-ui-server, kube-bench, nodetaint, secrets-store-csi-driver-provider-aws, secrets-store-csi-driver, gatekeeper, hugo, crossplane-provider-gcp, k3d, scorecard, envoy-ratelimit, ip-masq-agent, atlantis, keda,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, cni-plugins, kubeflow-katib, nvidia-device-plugin, flux, paranoia, nri-kafka, temporal-ui-server, docker-credential-ecr-login, kube-bench, regclient, nri-rabbitmq, nodetaint, secrets-store-csi-driver-provider-aws, gatekeeper, oras,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, cni-plugins, kubeflow-katib, nvidia-device-plugin, flux, paranoia, nri-kafka, temporal-ui-server, docker-credential-ecr-login, kube-bench, regclient, nri-rabbitmq, nodetaint, secrets-store-csi-driver-provider-aws, gatekeeper, oras,...

GHSA-RCJV-MGP8-QVMR vulnerabilities

Vulnerabilities for packages: gatekeeper, gitlab-kas, prometheus-adapter, kubernetes, calico, ipfs, keda, k3s, cert-manager, up, kubevela, caddy, prometheus,...

CVE-2023-45142 vulnerabilities

Vulnerabilities for packages: gatekeeper, gitlab-kas, prometheus-adapter, kubernetes, calico, ipfs, keda, k3s, cert-manager, up, kubevela, caddy, prometheus,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: vt-cli, node-feature-discovery, cni-plugins, paranoia, gatekeeper, scorecard, crossplane-provider-gcp, k3d, keda, docker-credential-gcr, velero-plugin-for-csi, gitlab-shell, controller-gen, rekor, gobump, sonobuoy, temporal-server, gosu, eksctl, delve,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, flyte, node-feature-discovery, croc, overmind, nvidia-device-plugin, paranoia, docker-credential-ecr-login, kube-bench, regclient, secrets-store-csi-driver-provider-aws, secrets-store-csi-driver, oras, spegel, scorecard,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: kubeflow-katib, nvidia-device-plugin, flux, nodetaint, secrets-store-csi-driver, gatekeeper, hugo, k3d, atlantis, keda, opentofu, go, sigstore-scaffolding, crossplane-provider-azure, caddy, chartmuseum, flux-helm-controller, gitlab-shell, haproxy-ingress,...

GHSA-C5Q2-7R4C-MV6G vulnerabilities

Vulnerabilities for packages: gitsign, containerd, guac, cert-manager, istio-operator, falcoctl, cloudflared, vault, argo-cd, policy-controller, flux-kustomize-controller, cilium, wolfictl, rabbitmq-messaging-topology-operator, rook, slsa-verifier, keda, nerdctl, weaviate, sigstore-scaffolding,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, cni-plugins, kubeflow-katib, nvidia-device-plugin, flux, paranoia, nri-kafka, temporal-ui-server, docker-credential-ecr-login, kube-bench, regclient, nri-rabbitmq, nodetaint, secrets-store-csi-driver-provider-aws, gatekeeper, oras,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, cni-plugins, kubeflow-katib, nvidia-device-plugin, flux, paranoia, nri-kafka, temporal-ui-server, docker-credential-ecr-login, kube-bench, regclient, nri-rabbitmq, nodetaint, secrets-store-csi-driver-provider-aws, gatekeeper, oras,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, cni-plugins, kubeflow-katib, nvidia-device-plugin, flux, paranoia, nri-kafka, temporal-ui-server, docker-credential-ecr-login, kube-bench, regclient, nri-rabbitmq, nodetaint, secrets-store-csi-driver-provider-aws, gatekeeper, oras,...

CVE-2023-47108 vulnerabilities

Vulnerabilities for packages: argo-cd, kubernetes-csi-external-resizer, aws-ebs-csi-driver, containerd, docker-compose, kyverno, envoy-ratelimit, temporal, kubernetes, cri-tools, keda, kine, k3s, cert-manager, kubevela, temporal-server,...

GHSA-8PGV-569H-W5RW vulnerabilities

Vulnerabilities for packages: argo-cd, kubernetes-csi-external-resizer, aws-ebs-csi-driver, containerd, docker-compose, kyverno, envoy-ratelimit, temporal, kubernetes, cri-tools, keda, kine, k3s, cert-manager, kubevela, temporal-server,...

CVE-2024-26147 vulnerabilities

Vulnerabilities for packages: cilium-cli, helm-operator, k9s, eksctl, k8sgpt, kots, helm-push, zot, up, cert-manager, flux-helm-controller, flux-source-controller, istio-operator, trivy, chartmuseum, zarf,...

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, cni-plugins, kubeflow-katib, nvidia-device-plugin, flux, paranoia, nri-kafka, temporal-ui-server, docker-credential-ecr-login, kube-bench, regclient, nri-rabbitmq, nodetaint, secrets-store-csi-driver-provider-aws, gatekeeper, oras,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: gobuster, go-licenses, cni-plugins, vertical-pod-autoscaler, render-template, wait-for-port, aws-flb-firehose, local-path-provisioner, helm-push, petname, amass, docker-credential-ecr-login, prometheus-bind-exporter, oras, gke-gcloud-auth-plugin, mage, scorecard, k3d,....

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: gobuster, go-licenses, cni-plugins, vertical-pod-autoscaler, render-template, wait-for-port, aws-flb-firehose, local-path-provisioner, helm-push, petname, amass, docker-credential-ecr-login, prometheus-bind-exporter, oras, gke-gcloud-auth-plugin, mage, scorecard, k3d,....

CVE-2024-28180 vulnerabilities

Vulnerabilities for packages: gitsign, containerd, guac, cert-manager, istio-operator, falcoctl, cloudflared, vault, argo-cd, policy-controller, flux-kustomize-controller, cilium, wolfictl, rabbitmq-messaging-topology-operator, rook, slsa-verifier, keda, nerdctl, weaviate, sigstore-scaffolding,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: kubeflow-katib, nvidia-device-plugin, flux, nodetaint, secrets-store-csi-driver, gatekeeper, hugo, k3d, opentofu, keda, sigstore-scaffolding, crossplane-provider-azure, chartmuseum, flux-helm-controller, haproxy-ingress, kube-fluentd-operator, memcached-exporter,...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: kubeflow-katib, nvidia-device-plugin, flux, nodetaint, secrets-store-csi-driver, gatekeeper, hugo, k3d, atlantis, keda, opentofu, go, sigstore-scaffolding, crossplane-provider-azure, caddy, chartmuseum, flux-helm-controller, gitlab-shell, haproxy-ingress,...

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: go-licenses, kubeflow-katib, flux, nri-kafka, temporal-ui-server, secrets-store-csi-driver, gatekeeper, hugo, scorecard, k3d, atlantis, opentofu, sigstore-scaffolding, crossplane-provider-azure, caddy, flux-helm-controller, gitlab-shell, rekor, kube-rbac-proxy,...

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: flux-notification-controller, minio, prometheus-adapter, kubeflow-katib, terraform-provider-azurerm, nvidia-device-plugin, pulumi-language-yaml, pulumi-kubernetes-operator, cert-manager, telegraf, node-problem-detector, mc, secrets-store-csi-driver, buildkitd,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: kubeflow-katib, nvidia-device-plugin, nodetaint, secrets-store-csi-driver, gatekeeper, hugo, scorecard, envoy-ratelimit, ip-masq-agent, atlantis, keda, opentofu, sigstore-scaffolding, flux-helm-controller, gitlab-shell, nginx-stable, haproxy-ingress,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, cni-plugins, kubeflow-katib, nvidia-device-plugin, flux, paranoia, nri-kafka, temporal-ui-server, docker-credential-ecr-login, kube-bench, regclient, nri-rabbitmq, nodetaint, secrets-store-csi-driver-provider-aws, gatekeeper, oras,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, cni-plugins, kubeflow-katib, nvidia-device-plugin, flux, paranoia, nri-kafka, temporal-ui-server, docker-credential-ecr-login, kube-bench, regclient, nri-rabbitmq, nodetaint, secrets-store-csi-driver-provider-aws, gatekeeper, oras,...

GHSA-V53G-5GJP-272R vulnerabilities

Vulnerabilities for packages: cilium-cli, helm-operator, k9s, eksctl, k8sgpt, kots, helm-push, zot, up, cert-manager, flux-helm-controller, flux-source-controller, istio-operator, trivy, chartmuseum, zarf,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: gobuster, go-licenses, cni-plugins, vertical-pod-autoscaler, render-template, wait-for-port, aws-flb-firehose, local-path-provisioner, helm-push, petname, amass, docker-credential-ecr-login, prometheus-bind-exporter, oras, gke-gcloud-auth-plugin, mage, scorecard, k3d,....

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, flyte, node-feature-discovery, croc, overmind, nvidia-device-plugin, paranoia, docker-credential-ecr-login, kube-bench, regclient, secrets-store-csi-driver-provider-aws, secrets-store-csi-driver, oras, spegel, scorecard,...

GHSA-XW73-RW38-6VJC vulnerabilities

Vulnerabilities for packages: gitsign, loki, k9s, kubeflow-katib, guac, k8sgpt, cri-tools, datadog-agent, newrelic-infrastructure-agent, cert-manager, dagger, telegraf, falcoctl, buildkitd, helm-operator, crane, scorecard, policy-controller, bom, filebeat, slsa-verifier, nerdctl, zot,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: dask-gateway, vt-cli, go-licenses, cni-plugins, kubeflow-katib, nvidia-device-plugin, flux, paranoia, nri-kafka, temporal-ui-server, docker-credential-ecr-login, kube-bench, regclient, nri-rabbitmq, nodetaint, secrets-store-csi-driver-provider-aws, gatekeeper, oras,...