53 matches found
CVE-2024-23653 vulnerabilities
Vulnerabilities for packages: scorecard, kubescape, datadog-agent, docker, kaniko, skaffold, trivy, zot, guac, conftest, buildkitd...
CVE-2024-23652 vulnerabilities
Vulnerabilities for packages: scorecard, kubescape, datadog-agent, docker, kaniko, skaffold, trivy, zot, guac, conftest, buildkitd...
CVE-2024-23651 vulnerabilities
Vulnerabilities for packages: scorecard, kubescape, datadog-agent, docker, kaniko, skaffold, trivy, zot, guac, conftest, buildkitd...
CVE-2024-23653 vulnerabilities
Vulnerabilities for packages: conftest-fips, scorecard, skaffold, trivy, zot, docker, buildkitd, kubescape, datadog-agent, conftest, datadog-agent-fips, guac, kaniko...
CVE-2024-23652 vulnerabilities
Vulnerabilities for packages: conftest-fips, scorecard, skaffold, trivy, zot, docker, buildkitd, kubescape, datadog-agent, conftest, datadog-agent-fips, guac, kaniko...
CVE-2024-23651 vulnerabilities
Vulnerabilities for packages: conftest-fips, scorecard, skaffold, trivy, zot, docker, buildkitd, kubescape, datadog-agent, conftest, datadog-agent-fips, guac, kaniko...
CVE-2024-23650 vulnerabilities
Vulnerabilities for packages: scorecard, kubescape, datadog-agent, docker, kaniko, skaffold, trivy, zot, guac, conftest, buildkitd...
CVE-2024-23650 vulnerabilities
Vulnerabilities for packages: conftest-fips, scorecard, skaffold, trivy, zot, docker, buildkitd, kubescape, datadog-agent, conftest, datadog-agent-fips, guac, kaniko...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: scorecard, dgraph, aws-efs-csi-driver-fips, up, slsa-verifier, terraform-provider-sendgrid-fips, buildkitd, kubeflow, falco, smarter-device-manager-fips, falcoctl-fips, spark-operator, prometheus-stackdriver-exporter, metrics-server-fips, kubeflow-fips,...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: scorecard, kubescape, up, slsa-verifier, kubevela, cortex, aactl, k3d, spark-operator, terraform-provider-sendgrid, dgraph, kubeflow, buildkitd, prometheus-blackbox-exporter, falco, src...
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: kubescape, helm, hey, frp, grpcurl, secrets-store-csi-driver, nginx-mainline, envoy-ratelimit, oauth2-proxy, sigstore-scaffolding, flux-source-controller, kubeflow, kots, kubernetes-csi-livenessprobe, prometheus-blackbox-exporter, pulumi-kubernetes-operator,...
GHSA-J77R-2FXF-5JRW Improper path handling in kustomization files allows path traversal
The kustomize-controller enables the use of Kustomize’s functionality when applying Kubernetes declarative state onto a cluster. A malicious user can use built-in features and a specially crafted kustomization.yaml to expose sensitive data from the controller’s pod filesystem. In multi-tenancy...
Improper path handling in kustomization files allows path traversal
The kustomize-controller enables the use of Kustomize’s functionality when applying Kubernetes declarative state onto a cluster. A malicious user can use built-in features and a specially crafted kustomization.yaml to expose sensitive data from the controller’s pod filesystem. In multi-tenancy...