39 matches found
GHSA-C653-97M9-RCG9 vulnerabilities
Vulnerabilities for packages: apache-pulsar, thingsboard, cassandra, kafka, spark-kubernetes-operator-fips, tez, solr, logstash, kayenta-fips, neo4j, opensearch, apache-pulsar-fips, docker-selenium, celeborn, knative-kafka-broker-fips, commercial-elasticsearch, strimzi-kafka-operator-fips,...
CVE-2026-50010 vulnerabilities
Vulnerabilities for packages: apache-pulsar, thingsboard, cassandra, kafka, spark-kubernetes-operator-fips, tez, solr, logstash, kayenta-fips, neo4j, opensearch, apache-pulsar-fips, docker-selenium, celeborn, knative-kafka-broker-fips, commercial-elasticsearch, strimzi-kafka-operator-fips,...
CVE-2026-50560 vulnerabilities
Vulnerabilities for packages: druid, thingsboard, docker-selenium, spark, management-api-for-apache-cassandra-5.0, kserve-modelmesh, apache-pulsar, infinispan, strimzi-kafka-operator...
GHSA-HVCG-QMG6-JM4C vulnerabilities
Vulnerabilities for packages: druid, wildfly, opensearch, thingsboard, docker-selenium, strimzi-kafka-operator, keycloak, tez, spark, management-api-for-apache-cassandra-5.0, kserve-modelmesh, logstash, apache-pulsar, infinispan, neo4j...
CVE-2026-50020 vulnerabilities
Vulnerabilities for packages: druid, wildfly, opensearch, thingsboard, docker-selenium, strimzi-kafka-operator, keycloak, tez, spark, management-api-for-apache-cassandra-5.0, kserve-modelmesh, logstash, apache-pulsar, infinispan, neo4j...
GHSA-563Q-J3CM-6JXM vulnerabilities
Vulnerabilities for packages: druid, thingsboard, docker-selenium, spark, management-api-for-apache-cassandra-5.0, kserve-modelmesh, apache-pulsar, infinispan, strimzi-kafka-operator...
CVE-2026-50010 vulnerabilities
Vulnerabilities for packages: druid, opensearch, thingsboard, docker-selenium, solr, tez, cassandra, management-api-for-apache-cassandra-5.0, spark, kserve-modelmesh, logstash, apache-pulsar, infinispan, neo4j...
GHSA-C653-97M9-RCG9 vulnerabilities
Vulnerabilities for packages: druid, opensearch, thingsboard, docker-selenium, solr, tez, cassandra, management-api-for-apache-cassandra-5.0, spark, kserve-modelmesh, logstash, apache-pulsar, infinispan, neo4j...
CLEANSTART-2026-JY46135 Security fixes for ghsa-m5vv-6r4h-3vj9 applied in versions: 0.12.0-r3
Security vulnerability affects the modelmesh-runtime-adapter package. This issue is resolved in later releases. See references for vulnerability details...
CLEANSTART-2026-MJ60235 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-29181, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-6v2p-p543-phr9, ghsa-6xv5-86q9-7xr8, ghsa-f6x5-jh6r-wrfv, ghsa-hcg3-q754-cr77, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-qxp5-gwg8-xv66, ghsa-v778-237x-gjrc, ghsa-vvgc-356p-c3xw applied in versions: 0.12.0-r0, 0.12.0-r1, 0.9.0-r0
Multiple security vulnerabilities affect the modelmesh-runtime-adapter package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-GQ00159 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-29181, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-6v2p-p543-phr9, ghsa-f6x5-jh6r-wrfv, ghsa-hcg3-q754-cr77, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-qxp5-gwg8-xv66, ghsa-v778-237x-gjrc, ghsa-vvgc-356p-c3xw applied in versions: 0.12.0-r0, 0.12.0-r1, 0.12.0-r2
Multiple security vulnerabilities affect the modelmesh-runtime-adapter package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-DH72490 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-29181, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-6v2p-p543-phr9, ghsa-6xv5-86q9-7xr8, ghsa-f6x5-jh6r-wrfv, ghsa-hcg3-q754-cr77, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-qxp5-gwg8-xv66, ghsa-v778-237x-gjrc, ghsa-vvgc-356p-c3xw applied in versions: 0.11.2-r0, 0.12.0-r0, 0.12.0-r1
Multiple security vulnerabilities affect the modelmesh-runtime-adapter package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-GJ69402 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-29181, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-6v2p-p543-phr9, ghsa-6xv5-86q9-7xr8, ghsa-f6x5-jh6r-wrfv, ghsa-hcg3-q754-cr77, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-qxp5-gwg8-xv66, ghsa-v778-237x-gjrc, ghsa-vvgc-356p-c3xw applied in versions: 0.10.0-r0, 0.12.0-r0, 0.12.0-r1
Multiple security vulnerabilities affect the modelmesh-runtime-adapter package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-PK73499 Security fixes for CVE-2026-5588, CVE-2026-5598, ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4cx2-fc23-5wg6, ghsa-4g8c-wm8x-jfhw, ghsa-735f-pc8j-v9w8, ghsa-c3fc-8qff-9hwx, ghsa-fghv-69vj-qj49, ghsa-p93r-85wp-75v3, ghsa-prj3-ccx8-p6x4, ghsa-wg6q-6289-32hp, ghsa-xq3w-v528-46rv applied in versions: 0.12.0-r16, 0.9.0-r1
Multiple security vulnerabilities affect the kserve-modelmesh package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-EZ90321 Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS (PTR) when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper s...
Multiple security vulnerabilities affect the kserve-modelmesh package. Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS PTR when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper servers or clients with a valid...
CLEANSTART-2026-QG74410 Security fixes for ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4cx2-fc23-5wg6, ghsa-4g8c-wm8x-jfhw, ghsa-735f-pc8j-v9w8, ghsa-fghv-69vj-qj49, ghsa-prj3-ccx8-p6x4, ghsa-xq3w-v528-46rv applied in versions: 0.12.0-r16
Multiple security vulnerabilities affect the kserve-modelmesh package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-QZ16523 Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate
Multiple security vulnerabilities affect the modelmesh-runtime-adapter package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: cerbos, prometheus, descheduler, k8s-device-plugin, kyverno-notation-aws, argo-workflows, envoy-gateway, cloud-sql-proxy, crossplane-provider-keycloak, cluster-api, bom, dapr, dex, kube-fluentd-operator, keda, kubernetes-dashboard, juicefs-csi-driver, terraform-docs,...
CLEANSTART-2026-AA51484 Security fixes for ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4cx2-fc23-5wg6, ghsa-4g8c-wm8x-jfhw, ghsa-735f-pc8j-v9w8, ghsa-fghv-69vj-qj49, ghsa-prj3-ccx8-p6x4, ghsa-xq3w-v528-46rv applied in versions: 0.12.0-r16
Multiple security vulnerabilities affect the kserve-modelmesh package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-DP55969 Security fixes for ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4cx2-fc23-5wg6, ghsa-4g8c-wm8x-jfhw, ghsa-735f-pc8j-v9w8, ghsa-fghv-69vj-qj49, ghsa-prj3-ccx8-p6x4, ghsa-xq3w-v528-46rv applied in versions: 0.12.0-r16
Multiple security vulnerabilities affect the kserve-modelmesh package. These issues are resolved in later releases. See references for individual vulnerability details...