15 matches found
CVE-2026-11769
We have released version 5.24.0 of the Grafana Operator. This patch includes a CRITICAL severity security fix for a path traversal/privilege escalation vulnerability in the Grafana Operator. Summary The Grafana Operator supports loading dashboards & library panels using the jsonnet data templatin...
EUVD-2026-36641
We have released version 5.24.0 of the Grafana Operator. This patch includes a CRITICAL severity security fix for a path traversal/privilege escalation vulnerability in the Grafana Operator. Summary The Grafana Operator supports loading dashboards & library panels using the jsonnet data templatin...
CVE-2026-11769 Operator - Namespaced User Path Traversal
We have released version 5.24.0 of the Grafana Operator. This patch includes a CRITICAL severity security fix for a path traversal/privilege escalation vulnerability in the Grafana Operator. Summary The Grafana Operator supports loading dashboards & library panels using the jsonnet data templatin...
CVE-2026-11769
Grafana Operator CVE-2026-11769 affects all versions
PT-2026-49078
We have released version 5.24.0 of the Grafana Operator. This patch includes a CRITICAL severity security fix for a path traversal/privilege escalation vulnerability in the Grafana Operator. Summary The Grafana Operator supports loading dashboards & library panels using the jsonnet data templatin...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: kube-logging-logging-operator, clickhouse-operator, listmonk, secrets-store-csi-driver-provider-aws, pgwatch, dapr-fips, flux-image-automation-controller, podinfo-fips, goreleaser, nova, local-path-provisioner, kubernetes-dashboard-metrics-scraper-fips,...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: kube-logging-logging-operator, clickhouse-operator, listmonk, secrets-store-csi-driver-provider-aws, pgwatch, dapr-fips, flux-image-automation-controller, podinfo-fips, goreleaser, nova, local-path-provisioner, kubernetes-dashboard-metrics-scraper-fips,...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: newrelic-infrastructure-agent-fips, k8s-device-plugin, bento, traefik-fips, rancher-fleet-fips, aws-flb-firehose, podman-fips, net-kourier-fips, backup-restore-operator, loki, cerbos, falco-no-driver, elastic-agent, gomplate-fips, vault-csi-provider, vault-benchmark,...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: newrelic-infrastructure-agent-fips, k8s-device-plugin, bento, traefik-fips, rancher-fleet-fips, aws-flb-firehose, podman-fips, net-kourier-fips, backup-restore-operator, loki, cerbos, falco-no-driver, elastic-agent, gomplate-fips, vault-csi-provider, vault-benchmark,...
GHSA-GJVH-7JH8-7XHM vulnerabilities
Vulnerabilities for packages: newrelic-infrastructure-agent-fips, wave, k8s-device-plugin, amazon-eks-ami, knative-net-istio-fips, kubernetes-csi-node-driver-registrar, mig-parted-fips, crossplane-provider-family-azure, bento, prometheus-mysqld-exporter, rancher-fleet-fips, rancher-pushprox-fips,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: wave, crossplane-provider-family-azure, bento, rancher-pushprox-fips, prometheus-redis-exporter, podman-fips, grpcurl-fips, buildtools, loki, nfs-subdir-external-provisioner-fips, cerbos, aws-load-balancer-controller, kwok, git-sync-fips, neuvector,...
CVE-2026-32280 vulnerabilities
Vulnerabilities for packages: newrelic-infrastructure-agent-fips, wave, k8s-device-plugin, amazon-eks-ami, knative-net-istio-fips, kubernetes-csi-node-driver-registrar, mig-parted-fips, crossplane-provider-family-azure, bento, prometheus-mysqld-exporter, rancher-fleet-fips, rancher-pushprox-fips,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: newrelic-infrastructure-agent-fips, wave, k8s-device-plugin, amazon-eks-ami, knative-net-istio-fips, kubernetes-csi-node-driver-registrar, mig-parted-fips, crossplane-provider-family-azure, bento, prometheus-mysqld-exporter, rancher-fleet-fips, rancher-pushprox-fips,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: newrelic-infrastructure-agent-fips, wave, k8s-device-plugin, amazon-eks-ami, knative-net-istio-fips, kubernetes-csi-node-driver-registrar, mig-parted-fips, crossplane-provider-family-azure, bento, prometheus-mysqld-exporter, rancher-fleet-fips, rancher-pushprox-fips,...
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: gcsfuse, wire-go, runc, sbom-scorecard, kine, oras, memcached-exporter, terraform, hey, spark-operator, cfssl, kubeflow-katib, k8sgpt, sonobuoy, vt-cli, aws-flb-cloudwatch, kubernetes-dns-node-cache, kubernetes-dashboard-metrics-scraper, gosu, pombump, lazygit,...