61 matches found
GHSA-XHF5-7WJV-PQXP vulnerabilities
Vulnerabilities for packages: helm-fips, steampipe, consul-k8s, envoy-gateway-fips, cloudbeat, kubevela, wolfictl, chartmuseum-fips, crossplane, helmfile, k8sgpt, manifest-tool, docker-cli-buildx-fips, grype-fips, helm-operator-fips, spegel, helm-set-status, chaos-mesh, trivy-operator,...
CVE-2026-53488 vulnerabilities
Vulnerabilities for packages: helm-fips, steampipe, consul-k8s, envoy-gateway-fips, cloudbeat, kubevela, wolfictl, chartmuseum-fips, crossplane, helmfile, k8sgpt, manifest-tool, docker-cli-buildx-fips, grype-fips, helm-operator-fips, spegel, helm-set-status, chaos-mesh, trivy-operator,...
CVE-2026-47262 vulnerabilities
Vulnerabilities for packages: helm-fips, steampipe, consul-k8s, envoy-gateway-fips, cloudbeat, kubevela, wolfictl, chartmuseum-fips, crossplane, helmfile, k8sgpt, manifest-tool, docker-cli-buildx-fips, grype-fips, helm-operator-fips, spegel, helm-set-status, chaos-mesh, trivy-operator,...
GHSA-MH2Q-Q3FH-2475 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-lambda, crossplane-provider-aws-cloudformation, kserve, consul-k8s, crossplane-provider-aws-osis, kubernetes-csi-livenessprobe-fips, chartmuseum-fips, gcp-compute-persistent-disk-csi-driver, cinder-csi-plugin-fips,...
CVE-2026-35206 vulnerabilities
Vulnerabilities for packages: helm-set-status, k8ssandra-client, teleport, flux, eksctl, cerbos, linkerd2, zarf, chartmuseum, helm-mapkubeapis, helm-push, kubescape, kube-arangodb, cluster-api-helm-controller, envoy-gateway, cert-manager-cmctl, headlamp, tigera-operator, flux-source-controller,...
GHSA-HR2V-4R36-88HR vulnerabilities
Vulnerabilities for packages: helm-set-status, k8ssandra-client, teleport, flux, eksctl, cerbos, linkerd2, zarf, chartmuseum, helm-mapkubeapis, helm-push, kubescape, kube-arangodb, cluster-api-helm-controller, envoy-gateway, cert-manager-cmctl, headlamp, tigera-operator, flux-source-controller,...
GHSA-HR2V-4R36-88HR vulnerabilities
Vulnerabilities for packages: k8ssandra-client, tigera-operator, kubescape-server, chart-testing, cert-manager-cmctl, istio, chart-testing-fips, consul-k8s, envoy-gateway-fips, flux, gitlab-operator, headlamp, helm-diff-fips, nova-fips, cloudbeat, chartmuseum, cluster-api-helm-controller,...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: buf, grafana, kbld, docker-cli, flux-source-watcher, atlas, amazon-ecs-cni-plugins, atlas-fips, chartmuseum-fips, nsc, nerdctl-fips, slsa-verifier, trivy-operator, trivy-operator-fips, knative-operator, gitlab-rails-ce, nats, crane, gitleaks, goreleaser, cilium, triv...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: buf, grafana, kbld, docker-cli, flux-source-watcher, atlas, amazon-ecs-cni-plugins, atlas-fips, chartmuseum-fips, nsc, nerdctl-fips, slsa-verifier, trivy-operator, trivy-operator-fips, knative-operator, gitlab-rails-ce, nats, crane, gitleaks, goreleaser, cilium, triv...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: grafana, prometheus-pgbouncer-exporter-fips, docker-cli, opencost, kyverno-policy-reporter-fips, atlas, spicedb-operator-fips, authservice, kyverno-policy-reporter-plugins-kyverno-fips, kubernetes-csi-livenessprobe-fips, atlas-fips, chartmuseum-fips,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: grafana, prometheus-pgbouncer-exporter-fips, docker-cli, opencost, kyverno-policy-reporter-fips, atlas, spicedb-operator-fips, authservice, kyverno-policy-reporter-plugins-kyverno-fips, kubernetes-csi-livenessprobe-fips, atlas-fips, chartmuseum-fips,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: buf, grafana, infinispan-operator, kbld, prometheus-pgbouncer-exporter-fips, docker-cli, opencost, kyverno-policy-reporter-fips, actions-runner-controller, croc, flux-source-watcher, consul-k8s, amazon-vpc-cni-plugins, atlas, mariadb-operator-fips, addon-resizer-fips...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: grafana, kbld, prometheus-pgbouncer-exporter-fips, opencost, mariadb-operator-fips, authservice, kubernetes-csi-livenessprobe-fips, chartmuseum-fips, gcp-compute-persistent-disk-csi-driver, newrelic-k8s-metadata-injection-fips, terraform-provider-time-fips, hugo, mc,...
CVE-2025-68121 vulnerabilities
Vulnerabilities for packages: cass-operator, kiali, cerbos, go-discover, rancher-machine, aws-load-balancer-controller, nsc, mods, flux-source-controller, sftpgo-plugin-kms, crossplane-provider-aws-elasticache, extism, cilium-cli, descheduler, k8s-device-plugin, cluster-api-aws-controller,...
GHSA-8JVR-VH7G-F8GX vulnerabilities
Vulnerabilities for packages: cass-operator, kubecolor, kiali, cerbos, linkerd2, go-discover, rancher-machine, aws-load-balancer-controller, nsc, mods, flux-source-controller, sftpgo-plugin-kms, crossplane-provider-aws-elasticache, extism, cilium-cli, descheduler, k8s-device-plugin,...
CVE-2025-61732 vulnerabilities
Vulnerabilities for packages: cass-operator, kubecolor, kiali, cerbos, linkerd2, go-discover, rancher-machine, aws-load-balancer-controller, nsc, mods, flux-source-controller, sftpgo-plugin-kms, crossplane-provider-aws-elasticache, extism, cilium-cli, descheduler, k8s-device-plugin,...
CLEANSTART-2026-CT39828 Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate
Multiple security vulnerabilities affect the chartmuseum-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details...
CLEANSTART-2026-TS42581 Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate
Multiple security vulnerabilities affect the chartmuseum-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details...
CLEANSTART-2026-SY95837 Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate
Multiple security vulnerabilities affect the chartmuseum-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details...
GHSA-QH38-484V-W52X vulnerabilities
Vulnerabilities for packages: vertical-pod-autoscaler, gcp-compute-persistent-disk-csi-driver, fulcio, ghaudit, dagdotdev, go-bindata, boring-registry, custom-pod-autoscaler-operator, flux, kubecolor, mc, mongodb-kubernetes-operator, flyte, protoc-gen-go-grpc, sigstore-scaffolding, manifest-tool,...