33 matches found
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: rabbitmq-messaging-topology-operator, sftpgo-plugin-eventsearch, aws-privateca-issuer, flux, volume-modifier-for-k8s, github-mcp-server, grafana-rollout-operator, flux-image-automation-controller, stakater-reloader, secrets-store-csi-driver-provider-aws,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: crossplane, kargo, ko, step-ca, rancher-agent, libnvidia-container, lazydocker, cloudnative-pg, wal-g, grafana-agent-operator, docker-credential-gcr, witness, splunk-otel-collector, cluster-autoscaler, kots, prometheus-adapter, promxy, crossplane-provider-sql, cerbos...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: crossplane, kargo, ko, step-ca, rancher-agent, libnvidia-container, lazydocker, cloudnative-pg, wal-g, grafana-agent-operator, docker-credential-gcr, witness, splunk-otel-collector, cluster-autoscaler, kots, prometheus-adapter, promxy, crossplane-provider-sql, cerbos...
GHSA-89XV-2J6F-QHC8 vulnerabilities
Vulnerabilities for packages: glab, jaeger, osv-scanner, datadog-agent, ferretdb, opencost, flux-operator...
GHSA-Q382-VC8Q-7JHJ vulnerabilities
Vulnerabilities for packages: glab, jaeger, osv-scanner, datadog-agent, ferretdb, opencost, flux-operator...
CVE-2026-33252 vulnerabilities
Vulnerabilities for packages: glab, jaeger, osv-scanner, datadog-agent, ferretdb, opencost, flux-operator...
CVE-2026-33252 vulnerabilities
Vulnerabilities for packages: jaeger-fips, opencost, datadog-agent, jaeger, gitlab-workhorse-ce, flux-operator-fips, datadog-agent-fips, gitlab-workhorse-ce-fips, livekit-cli, flux-operator, osv-scanner, opencost-fips, glab, ferretdb...
GHSA-Q382-VC8Q-7JHJ vulnerabilities
Vulnerabilities for packages: jaeger-fips, opencost, datadog-agent, jaeger, gitlab-workhorse-ce, flux-operator-fips, datadog-agent-fips, gitlab-workhorse-ce-fips, livekit-cli, flux-operator, osv-scanner, opencost-fips, glab, ferretdb...
GHSA-89XV-2J6F-QHC8 vulnerabilities
Vulnerabilities for packages: jaeger-fips, opencost, datadog-agent, jaeger, gitlab-workhorse-ce, flux-operator-fips, datadog-agent-fips, gitlab-workhorse-ce-fips, livekit-cli, flux-operator, osv-scanner, opencost-fips, glab, ferretdb...
GHSA-WVJ2-96WP-FQ3F vulnerabilities
Vulnerabilities for packages: jaeger-fips, opencost, datadog-agent, github-mcp-server, gitlab-workhorse-ce, flux-operator-fips, datadog-agent-fips, gitlab-workhorse-ce-fips, jaeger, flux-operator, osv-scanner, gptscript, opencost-fips, ferretdb...
CVE-2026-27896 vulnerabilities
Vulnerabilities for packages: jaeger-fips, opencost, datadog-agent, github-mcp-server, gitlab-workhorse-ce, flux-operator-fips, datadog-agent-fips, gitlab-workhorse-ce-fips, jaeger, flux-operator, osv-scanner, gptscript, opencost-fips, ferretdb...
SUSE CVE-2026-23990
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...
GO-2026-4351 Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims in github.com/controlplaneio-fluxcd/flux-operator
Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims in github.com/controlplaneio-fluxcd/flux-operator...
GHSA-4XH5-JCJ2-CH8Q vulnerabilities
Vulnerabilities for packages: flux-operator...
CVE-2026-23990 vulnerabilities
Vulnerabilities for packages: flux-operator...
GHSA-4XH5-JCJ2-CH8Q vulnerabilities
Vulnerabilities for packages: flux-operator, flux-operator-fips...
CVE-2026-23990 vulnerabilities
Vulnerabilities for packages: flux-operator, flux-operator-fips...
CVE-2026-23990
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...
CVE-2026-23990
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...
CVE-2026-23990
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...