139 matches found
GHSA-FF52-PH69-CF7X vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-ec2, harbor-cli, kyverno, hubble, lazydocker, whereabouts, filebrowser, scorecard, nri-kubernetes, cilium, kubewatch, consul-k8s, kuberlr, mariadb-operator, kubernetes-csi-external-resizer, task, nri-apache, portieris, dive, vault-k8s,...
CVE-2026-15067
Snowflake Terraform Provider versions prior to 2.18.0 contain several security vulnerabilities, including SQL injection via an unsanitized data source input could result in arbitrary SQL execution under the provider's privileged Snowflake session, potentially enabling sensitive data exfiltration...
CVE-2026-15067
Snowflake Terraform Provider before 2.18.0 is affected by SQL injection via an unsanitized data source input that can cause arbitrary SQL execution within the provider’s privileged Snowflake session, potentially enabling data exfiltration and creation of long‑lived credentials. DDL injection in u...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: gitlab-kas, kyverno, openbao, chisel, neuvector-sigstore-interface, scorecard, gitlab-runner, fulcio, zarf, dagger, cilium, gomplate, k9s, cilium-cli, argo-cd, external-secrets-operator, grype, rancher, crossplane-provider-family-azure, zot, loki, fscrypt, tflint,...
SUSE SLES15 Security Update : terraform-provider-local, terraform-provider-null (SUSE-SU-2026:2484-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2484-1 advisory. This update for terraform-provider-local, terraform-provider-null fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infini...
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: kube-state-metrics, gitaly-fips, grafana-image-renderer, crossplane-provider-aws-s3-fips, tetragon-fips, ksops, crossplane-provider-azure-network, go-discover-fips, go-discover, harbor, crossplane-provider-aws-secretsmanager, gitlab-cng-fips, helm-operator,...
GHSA-5WRP-CWCJ-Q835 vulnerabilities
Vulnerabilities for packages: kube-state-metrics, gitaly-fips, grafana-image-renderer, crossplane-provider-aws-s3-fips, tetragon-fips, ksops, crossplane-provider-azure-network, go-discover-fips, go-discover, harbor, crossplane-provider-aws-secretsmanager, gitlab-cng-fips, helm-operator,...
SUSE SLES15: terraform-provider-local / terraform-provider-null / etc (SUSE-SU-2026:1411-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1411-1 advisory. This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue...
Security update for terraform-provider-local, terraform-provider-random, terraform-provider-tls
This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue: CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files can lead to the consumption of corrupted files bsc1258097...
SUSE-SU-2026:1411-1 Security update for terraform-provider-local, terraform-provider-random, terraform-provider-tls
This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue: - CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files that can lead to the consumption of corrupted files...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: cluster-api, gitsign, gitlab-kas, helm-set-status, gitaly, harbor, kyverno, minio-object-browser, hubble, openbao, docker-credential-gcr, hubble-ui, lazydocker, grafana-pyroscope, filebrowser, sftpgo, tetragon, yunikorn-k8shim, scorecard, seaweedfs,...
CVE-2026-27140 vulnerabilities
Vulnerabilities for packages: harbor-cli, kyverno, hubble, rancher-loglevel, docker-credential-gcr, lazydocker, whereabouts, grafana-pyroscope, filebrowser, scorecard, certificate-transparency, cilium, kubewatch, consul-k8s, kuberlr, hello-world-golang, mariadb-operator,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: harbor-cli, kyverno, hubble, rancher-loglevel, docker-credential-gcr, lazydocker, whereabouts, grafana-pyroscope, filebrowser, scorecard, certificate-transparency, cilium, kubewatch, consul-k8s, kuberlr, mariadb-operator, kubernetes-csi-external-resizer,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: harbor-cli, kyverno, hubble, rancher-loglevel, docker-credential-gcr, lazydocker, whereabouts, grafana-pyroscope, filebrowser, scorecard, certificate-transparency, cilium, kubewatch, consul-k8s, kuberlr, mariadb-operator, kubernetes-csi-external-resizer,...
GHSA-GJVH-7JH8-7XHM vulnerabilities
Vulnerabilities for packages: kube-state-metrics, gitaly-fips, mcp-grafana-fips, volume-modifier-for-k8s-fips, scanner-test-golang-vulnerability-fixed, aws-efs-csi-driver-fips, crossplane-function-go-templating, crossplane-provider-aws-s3-fips, opentelemetry-collector-fips, multus-cni-fips, spilo...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: gitaly-fips, scanner-test-golang-vulnerability-fixed, crossplane-function-go-templating, tetragon-fips, nsc, go-discover, seaweedfs-operator, dcgm-exporter, goose, amazon-ecs-cni-plugins-fips, crossplane-provider-aws-route53-fips, supercronic-fips, mc,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: kube-state-metrics, gitaly-fips, mcp-grafana-fips, volume-modifier-for-k8s-fips, scanner-test-golang-vulnerability-fixed, aws-efs-csi-driver-fips, crossplane-function-go-templating, crossplane-provider-aws-s3-fips, opentelemetry-collector-fips, multus-cni-fips, spilo...
CVE-2026-32280 vulnerabilities
Vulnerabilities for packages: kube-state-metrics, gitaly-fips, mcp-grafana-fips, volume-modifier-for-k8s-fips, scanner-test-golang-vulnerability-fixed, aws-efs-csi-driver-fips, crossplane-function-go-templating, crossplane-provider-aws-s3-fips, opentelemetry-collector-fips, multus-cni-fips, spilo...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: kube-state-metrics, gitaly-fips, mcp-grafana-fips, volume-modifier-for-k8s-fips, scanner-test-golang-vulnerability-fixed, aws-efs-csi-driver-fips, crossplane-function-go-templating, crossplane-provider-aws-s3-fips, spilo, multus-cni-fips, tetragon-fips, runc,...
GHSA-HFVC-G4FC-PQHX vulnerabilities
Vulnerabilities for packages: cloudprober, cluster-api, crossplane-provider-aws-ec2, gitlab-kas, harbor-cli, kserve, gitaly, harbor, kyverno, hubble, kapp, openbao, lazydocker, amazon-cloudwatch-agent, grafana-pyroscope, neuvector-sigstore-interface, sftpgo, crossplane-provider-aws-iam, scorecard...