4 matches found
CLEANSTART-2026-HE31644
Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, CVE-2026-33186, CVE-2026-39883, ghsa-6v2p-p543-phr9, ghsa-f6x5-jh6r-wrfv, ghsa-hfvc-g4fc-pqhx, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3 applied in versions: 0.56.1-r0, 0.59.0-r0, 0.59.0-r1
Multiple security vulnerabilities affect the kapp-controller package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2021-32670
Datasette is an open source multi-tool for exploring and publishing data. The ?_trace=1 debugging feature in Datasette does not correctly escape generated HTML, resulting in a reflected cross-site scripting vulnerability. This vulnerability is particularly relevant if your Datasette installation...
CVE-2021-32670
Datasette contains a reflected cross-site scripting vulnerability in the ?_trace=1 debugging feature due to inadequate HTML escaping. Affected versions include 0.56.1 and 0.57; patches are available in those releases. Workarounds include rejecting requests with ?_trace= or &_trace= in the query s...
PT-2019-11591 · Red Hat · Osbs-Client
Name of the Vulnerable Software and Affected Versions: osbs-client versions 0.46 through 0.56.0
Description: A flaw was found in the yaml.load function, allowing insecure use that enables loading of suspicious objects for code execution via parsing of malicious YAML files.
Recommendations: For...