CLEANSTART-2026-RL67763 Security fixes for ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 25.10.0-r1

Multiple security vulnerabilities affect the gpu-operator package. These issues are resolved in later releases. See references for individual vulnerability details...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for remediation below. Vulnerability...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for remediation below. Vulnerability...

Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2025-32415 DESCRIPTION: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploi...

GHSA-MQCP-P2HV-VW6X vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, ruby3.2-rails, kube-fluentd-operator, ruby3.3-rails...

GHSA-MQCP-P2HV-VW6X vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, kube-fluentd-operator, ruby3.2-rails, ruby3.3-rails...

GHSA-J3G3-5QV5-52MJ vulnerabilities

Vulnerabilities for packages: jruby, kube-fluentd-operator...

GHSA-J3G3-5QV5-52MJ vulnerabilities

Vulnerabilities for packages: kube-fluentd-operator, truffleruby, jruby...

GHSA-MF24-CHXH-HMVJ vulnerabilities

Vulnerabilities for packages: tigera-operator-fips, tigera-operator...

GHSA-7WRW-R4P8-38RX vulnerabilities

Vulnerabilities for packages: fluent-bit-plugin-loki, cass-operator, grpcurl, wait-for-port, swagger, frp, extism, configmap-reload, k8sgpt, kube-state-metrics, promxy, bank-vaults, thanos-operator, volume-modifier-for-k8s, flux-kustomize-controller, petname, gobuster, kor, nri-f5, vendir, tempo,...

CVE-2025-25193 vulnerabilities

Vulnerabilities for packages: keycloak, keycloak-operator, wildfly...

GHSA-389X-839F-4RHX vulnerabilities

Vulnerabilities for packages: zookeeper-fips, knative-kafka-broker, keycloak-operator, keycloak, wildfly...

GHSA-389X-839F-4RHX vulnerabilities

Vulnerabilities for packages: keycloak, keycloak-operator, wildfly...

GHSA-4G8C-WM8X-JFHW vulnerabilities

Vulnerabilities for packages: flyway, strimzi-kafka-operator, kafka, keycloak-fips, apache-activemq-artemis, neo4j, druid, selenium, elasticsearch-fips, management-api-for-apache-cassandra-4.0, kserve-modelmesh, docker-selenium, wildfly, management-api-for-apache-cassandra-4.1, apache-pulsar,...

CVE-2024-45341 vulnerabilities

Vulnerabilities for packages: cloudnative-pg, bank-vaults, vendir, protoc-gen-go-grpc, prometheus-blackbox-exporter, kube-oidc-proxy, kubevela, velero-plugin-for-microsoft-azure-fips, crossplane-provider-keycloak-fips, helm-operator-fips, temporal-ui-server, consul-k8s, gcsfuse, git-sync, hey,...

GHSA-93WW-43RR-79V3 vulnerabilities

Vulnerabilities for packages: keycloak-fips, keycloak-operator, keycloak, keycloak-config-cli...

GHSA-32P4-GM2C-WMCH vulnerabilities

Vulnerabilities for packages: ansible-operator...

CVE-2022-23635 vulnerabilities

Vulnerabilities for packages: istio-cni, istio-pilot-discovery, istio-operator, istio-pilot-agent...

CVE-2019-14993 vulnerabilities

Vulnerabilities for packages: istio-cni, istio-pilot-discovery, istio-operator, istio-pilot-agent...