18 matches found
CVE-2026-44903 vulnerabilities
Vulnerabilities for packages: jaeger, minio-object-browser, istio, mc, cloud-sql-proxy, splunk-otel-collector, telegraf, fluent-bit-plugin-loki, prometheus-pushgateway, certificate-transparency, opentelemetry-collector, minio-operator, minio, prometheus, keda, amazon-cloudwatch-agent-operator,...
GHSA-FW8G-CG8F-9J28 vulnerabilities
Vulnerabilities for packages: jaeger, minio-object-browser, istio, mc, cloud-sql-proxy, splunk-otel-collector, telegraf, fluent-bit-plugin-loki, prometheus-pushgateway, certificate-transparency, opentelemetry-collector, minio-operator, minio, prometheus, keda, amazon-cloudwatch-agent-operator,...
GHSA-FW8G-CG8F-9J28 vulnerabilities
Vulnerabilities for packages: minio-operator, node-problem-detector-fips, opentelemetry-collector, mcp-grafana-fips, metrics-server, minio-fips, minio-operator-fips, opentelemetry-collector-contrib-fips, certificate-transparency, opentelemetry-collector-fips, cloudzero-agent-fips,...
EUVD-2026-25846
Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skiptlsvalidation by default it is...
PT-2026-35413
Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skip tls validation by default it is...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: dask-gateway, dataplaneapi, fuse-overlayfs-snapshotter, golangci-lint, secrets-store-csi-driver, caddy, kyverno-policy-reporter-ui, cloud-provider-aws, helm-mapkubeapis, cis-operator, flux-helm-controller, argo-events, envoy-gateway, gcsfuse, kube-arangodb, coredns,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: kube-state-metrics, gitaly-fips, mcp-grafana-fips, volume-modifier-for-k8s-fips, scanner-test-golang-vulnerability-fixed, aws-efs-csi-driver-fips, crossplane-function-go-templating, crossplane-provider-aws-s3-fips, opentelemetry-collector-fips, multus-cni-fips, spilo...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: kube-state-metrics, gitaly-fips, mcp-grafana-fips, volume-modifier-for-k8s-fips, scanner-test-golang-vulnerability-fixed, aws-efs-csi-driver-fips, crossplane-function-go-templating, crossplane-provider-aws-s3-fips, spilo, multus-cni-fips, tetragon-fips, runc,...
GHSA-GJVH-7JH8-7XHM vulnerabilities
Vulnerabilities for packages: kube-state-metrics, gitaly-fips, mcp-grafana-fips, volume-modifier-for-k8s-fips, scanner-test-golang-vulnerability-fixed, aws-efs-csi-driver-fips, crossplane-function-go-templating, crossplane-provider-aws-s3-fips, opentelemetry-collector-fips, multus-cni-fips, spilo...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: kube-state-metrics, gitaly-fips, mcp-grafana-fips, volume-modifier-for-k8s-fips, scanner-test-golang-vulnerability-fixed, aws-efs-csi-driver-fips, crossplane-function-go-templating, crossplane-provider-aws-s3-fips, spilo, multus-cni-fips, tetragon-fips, runc,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: gitaly-fips, scanner-test-golang-vulnerability-fixed, crossplane-function-go-templating, tetragon-fips, nsc, go-discover, seaweedfs-operator, dcgm-exporter, goose, amazon-ecs-cni-plugins-fips, crossplane-provider-aws-route53-fips, supercronic-fips, mc,...
GHSA-H355-32PF-P2XM vulnerabilities
Vulnerabilities for packages: golangci-lint, crossplane-provider-aws-dynamodb, haproxy-ingress, kyverno-policy-reporter-ui, fluxcd-kustomize-mutating-webhook, cloud-provider-aws, helm-mapkubeapis, terragrunt, terraform-provider-kubernetes, kserve-rest-proxy, newrelic-nri-statsd,...
CVE-2025-68121 vulnerabilities
Vulnerabilities for packages: golangci-lint, crossplane-provider-aws-dynamodb, haproxy-ingress, kyverno-policy-reporter-ui, fluxcd-kustomize-mutating-webhook, cloud-provider-aws, helm-mapkubeapis, terragrunt, terraform-provider-kubernetes, kserve-rest-proxy, newrelic-nri-statsd,...
CVE-2025-61732 vulnerabilities
Vulnerabilities for packages: golangci-lint, jaeger, crossplane-provider-aws-dynamodb, haproxy-ingress, kyverno-policy-reporter-ui, fluxcd-kustomize-mutating-webhook, cloud-provider-aws, helm-mapkubeapis, terragrunt, terraform-provider-kubernetes, kserve-rest-proxy, protoc-gen-go,...
GHSA-8JVR-VH7G-F8GX vulnerabilities
Vulnerabilities for packages: golangci-lint, jaeger, crossplane-provider-aws-dynamodb, haproxy-ingress, kyverno-policy-reporter-ui, fluxcd-kustomize-mutating-webhook, cloud-provider-aws, helm-mapkubeapis, terragrunt, terraform-provider-kubernetes, kserve-rest-proxy, protoc-gen-go,...
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: kube-state-metrics, kubevela, volume-modifier-for-k8s-fips, aws-efs-csi-driver-fips, runc, smarter-device-manager-fips, k8sgpt-operator, bom, pulumi-kubernetes-operator, prometheus-blackbox-exporter, terraform-provider-sendgrid, spark-operator,...
Malicious code in stackdriver-pushgateway (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4ced9f87756bed39e7f18172a9b6b7756622f38898cdf15d826d591344b89c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6286 Malicious code in stackdriver-pushgateway (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4ced9f87756bed39e7f18172a9b6b7756622f38898cdf15d826d591344b89c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...