10 matches found
SUSE-SU-2026:22066-1 Security update for elemental-operator
This update for elemental-operator fixes the following issue - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260277. Changes for elemental-operator: - Fix substitution - Fix reference in labels - Adapt labels to pass...
Security update for cosign
This update for cosign fixes the following issues: Update to version 3.0.5 jscSLE-23879. Security issues fixed: CVE-2025-11065: github.com/go-viper/mapstructure/v2: sensitive Information leak in logs bsc1250620. CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause...
[SECURITY] Fedora 43 Update: golangci-lint-2.7.1-1.fc43
Fast linters runner for Go...
Fedora 43 : golangci-lint (2025-cc4c533b49)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-cc4c533b49 advisory. Latest version - This build with the latest golang should also fix all the Go CVEs, although I did verify how/if this package is affected by these...
GHSA-FV92-FJC5-JJ9H vulnerabilities
Vulnerabilities for packages: jaeger, tfsec, tempo-fips, jaeger-fips, calico-fips, pluto, traefik, argo-events-fips, tkn-fips, docker-compose-fips, kube-bench-fips, cloud-sql-proxy, grype-fips, kyverno-policy-reporter-ui, opentelemetry-collector-contrib-fips, envoy-gateway, thanos, docker-compose...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cosign (SUSE-SU-2025:1333-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1333-1 advisory. - CVE-2024-6104: cosign: hashicorp/go-retryablehttp: Fixed sensitive information disclosure to l...
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: nats-server, kpt, prometheus-blackbox-exporter, vite, aws-efs-csi-driver, configmap-reload, tflint, prometheus-alertmanager, nri-apache, nri-discovery-kubernetes, lazygit, nri-rabbitmq, dockerize, terraform-docs, kyverno-policy-reporter, cri-tools, cert-exporter,...
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: nats, vexctl, aws-load-balancer-controller-fips, kubernetes-dashboard-fips, vault-k8s, hubble-ui, flux-helm-controller, haproxy-ingress, crossplane-provider-aws-eks, prometheus-bind-exporter, pulumi-kubernetes-operator, docker-compose, aactl,...
Fedora: Security Advisory for golang-github-golangci-lint-1 (FEDORA-2022-3969b64d4b)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for golang-github-golangci-lint-1 (FEDORA-2022-fae3ecee19)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...