36 matches found
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: chisel, grype, gitea, flux, kubescape, zot, helm, argocd-image-updater, syft, pulumi-language-yaml, docker-cli-buildx, external-dns, cert-manager, pulumi-language-java, mods, kots, flux-source-controller, gatus, flux-image-automation-controller, kubernetes, kargo,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: chisel, grype, gitea, flux, kubescape, zot, helm, argocd-image-updater, syft, crossplane-provider-aws-route53, pulumi-language-yaml, crossplane-provider-aws-ec2, docker-cli-buildx, crossplane-provider-keycloak, crossplane-provider-aws-kinesis, sealed-secrets,...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: chisel, grype, gitea, flux, kubescape, zot, helm, argocd-image-updater, syft, crossplane-provider-aws-route53, pulumi-language-yaml, crossplane-provider-aws-ec2, docker-cli-buildx, crossplane-provider-keycloak, crossplane-provider-aws-kinesis, sealed-secrets,...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: aws-privateca-issuer, dataplaneapi, grafana-operator, karpenter, victoriametrics, external-secrets-operator, omnibump, flux, ingress-nginx-controller, metacontroller, mountpoint-s3-csi-driver, github-mcp-server, secrets-store-csi-driver-provider-aws,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: flux, kubernetes-csi-driver-hostpath, yunikorn-k8shim, mcp-grafana, terraform-provider-sendgrid, cloud-provider-azure, gatekeeper, kubescape, modelmesh-runtime-adapter, helm, argocd-image-updater, contour, redka, sftpgo-plugin-auth, syft, terraform-provider-time, zot...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: flux, kubernetes-csi-driver-hostpath, yunikorn-k8shim, mcp-grafana, terraform-provider-sendgrid, cloud-provider-azure, gatekeeper, kubescape, modelmesh-runtime-adapter, helm, argocd-image-updater, contour, redka, sftpgo-plugin-auth, syft, terraform-provider-time, zot...
CVE-2026-33252 vulnerabilities
Vulnerabilities for packages: ferretdb, jaeger, datadog-agent, glab, flux-operator, opencost, osv-scanner...
GHSA-89XV-2J6F-QHC8 vulnerabilities
Vulnerabilities for packages: ferretdb, jaeger, datadog-agent, glab, flux-operator, opencost, osv-scanner...
GHSA-Q382-VC8Q-7JHJ vulnerabilities
Vulnerabilities for packages: ferretdb, jaeger, datadog-agent, glab, flux-operator, opencost, osv-scanner...
GHSA-89XV-2J6F-QHC8 vulnerabilities
Vulnerabilities for packages: livekit-cli, glab, flux-operator-fips, jaeger, opencost, opencost-fips, osv-scanner, gitlab-workhorse-ce-fips, ferretdb, flux-operator, gitlab-workhorse-ce, datadog-agent, jaeger-fips, datadog-agent-fips...
CVE-2026-33252 vulnerabilities
Vulnerabilities for packages: livekit-cli, glab, flux-operator-fips, jaeger, opencost, opencost-fips, osv-scanner, gitlab-workhorse-ce-fips, ferretdb, flux-operator, gitlab-workhorse-ce, datadog-agent, jaeger-fips, datadog-agent-fips...
GHSA-Q382-VC8Q-7JHJ vulnerabilities
Vulnerabilities for packages: livekit-cli, glab, flux-operator-fips, jaeger, opencost, opencost-fips, osv-scanner, gitlab-workhorse-ce-fips, ferretdb, flux-operator, gitlab-workhorse-ce, datadog-agent, jaeger-fips, datadog-agent-fips...
CVE-2026-27896 vulnerabilities
Vulnerabilities for packages: github-mcp-server, flux-operator-fips, jaeger, opencost, opencost-fips, osv-scanner, gitlab-workhorse-ce-fips, ferretdb, gptscript, flux-operator, gitlab-workhorse-ce, datadog-agent, jaeger-fips, datadog-agent-fips...
GHSA-WVJ2-96WP-FQ3F vulnerabilities
Vulnerabilities for packages: github-mcp-server, flux-operator-fips, jaeger, opencost, opencost-fips, osv-scanner, gitlab-workhorse-ce-fips, ferretdb, gptscript, flux-operator, gitlab-workhorse-ce, datadog-agent, jaeger-fips, datadog-agent-fips...
SUSE CVE-2026-23990
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...
GO-2026-4351 Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims in github.com/controlplaneio-fluxcd/flux-operator
Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims in github.com/controlplaneio-fluxcd/flux-operator...
GHSA-4XH5-JCJ2-CH8Q vulnerabilities
Vulnerabilities for packages: flux-operator...
CVE-2026-23990 vulnerabilities
Vulnerabilities for packages: flux-operator...
GHSA-4XH5-JCJ2-CH8Q vulnerabilities
Vulnerabilities for packages: flux-operator, flux-operator-fips...
CVE-2026-23990 vulnerabilities
Vulnerabilities for packages: flux-operator, flux-operator-fips...