36 matches found
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: telegraf, policy-controller, melange, rancher-agent, flux-source-controller, flux-notification-controller, caddy, act, gh, gitea, pulumi-language-dotnet, step-issuer, ko, syft, cilium, docker-machine-driver-harvester, buildkitd, glab, sops, gptscript, docker,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: telegraf, policy-controller, melange, rancher-agent, flux-source-controller, flux-notification-controller, caddy, act, crossplane-provider-aws-kinesis, gh, gitea, pulumi-language-dotnet, step-issuer, ko, crossplane-provider-aws-eks, syft, cilium, buildkitd, glab, sop...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: telegraf, policy-controller, melange, rancher-agent, flux-source-controller, flux-notification-controller, caddy, act, crossplane-provider-aws-kinesis, gh, gitea, pulumi-language-dotnet, step-issuer, ko, crossplane-provider-aws-eks, syft, cilium, buildkitd, glab, sop...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: rabbitmq-messaging-topology-operator, github-mcp-server, victoriametrics-cluster, flux-image-reflector-controller, volume-modifier-for-k8s, fluxcd-kustomize-mutating-webhook, aws-network-policy-agent, metacontroller, flux-source-controller, mariadb-operator, polaris,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: migrate, telegraf, tofu-controller, cloud-provider-vsphere, kube-state-metrics, kube-vip, policy-controller, spqr, volume-modifier-for-k8s, kubernetes-csi-external-resizer, rancher-agent, rclone, flux-source-controller, datadog-agent, flux-notification-controller,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: migrate, telegraf, tofu-controller, cloud-provider-vsphere, kube-state-metrics, kube-vip, policy-controller, spqr, volume-modifier-for-k8s, kubernetes-csi-external-resizer, rancher-agent, rclone, flux-source-controller, datadog-agent, flux-notification-controller,...
GHSA-Q382-VC8Q-7JHJ vulnerabilities
Vulnerabilities for packages: glab, opencost, flux-operator, ferretdb, jaeger, datadog-agent, osv-scanner...
GHSA-89XV-2J6F-QHC8 vulnerabilities
Vulnerabilities for packages: glab, opencost, flux-operator, ferretdb, jaeger, datadog-agent, osv-scanner...
CVE-2026-33252 vulnerabilities
Vulnerabilities for packages: glab, opencost, flux-operator, ferretdb, jaeger, datadog-agent, osv-scanner...
GHSA-89XV-2J6F-QHC8 vulnerabilities
Vulnerabilities for packages: jaeger, gitlab-workhorse-ce-fips, opencost-fips, opencost, glab, flux-operator-fips, ferretdb, datadog-agent-fips, jaeger-fips, gitlab-workhorse-ce, livekit-cli, datadog-agent, osv-scanner, flux-operator...
CVE-2026-33252 vulnerabilities
Vulnerabilities for packages: jaeger, gitlab-workhorse-ce-fips, opencost-fips, opencost, glab, flux-operator-fips, ferretdb, datadog-agent-fips, jaeger-fips, gitlab-workhorse-ce, livekit-cli, datadog-agent, osv-scanner, flux-operator...
GHSA-Q382-VC8Q-7JHJ vulnerabilities
Vulnerabilities for packages: jaeger, gitlab-workhorse-ce-fips, opencost-fips, opencost, glab, flux-operator-fips, ferretdb, datadog-agent-fips, jaeger-fips, gitlab-workhorse-ce, livekit-cli, datadog-agent, osv-scanner, flux-operator...
CVE-2026-27896 vulnerabilities
Vulnerabilities for packages: jaeger, gitlab-workhorse-ce-fips, opencost-fips, github-mcp-server, opencost, flux-operator-fips, ferretdb, datadog-agent-fips, gptscript, jaeger-fips, gitlab-workhorse-ce, datadog-agent, osv-scanner, flux-operator...
GHSA-WVJ2-96WP-FQ3F vulnerabilities
Vulnerabilities for packages: jaeger, gitlab-workhorse-ce-fips, opencost-fips, github-mcp-server, opencost, flux-operator-fips, ferretdb, datadog-agent-fips, gptscript, jaeger-fips, gitlab-workhorse-ce, datadog-agent, osv-scanner, flux-operator...
SUSE CVE-2026-23990
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...
GO-2026-4351 Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims in github.com/controlplaneio-fluxcd/flux-operator
Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims in github.com/controlplaneio-fluxcd/flux-operator...
CVE-2026-23990 vulnerabilities
Vulnerabilities for packages: flux-operator...
GHSA-4XH5-JCJ2-CH8Q vulnerabilities
Vulnerabilities for packages: flux-operator...
GHSA-4XH5-JCJ2-CH8Q vulnerabilities
Vulnerabilities for packages: flux-operator-fips, flux-operator...
CVE-2026-23990 vulnerabilities
Vulnerabilities for packages: flux-operator-fips, flux-operator...