135 matches found
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: docker-cli-buildx, k3s, kubernetes-dashboard, prometheus, act, argo-events, prometheus-operator, zot, terragrunt, nuclei, kubernetes, wal-g, aactl, chisel, k8sgpt, rootlesskit, chezmoi, snyk-cli, docker-machine-driver-harvester, cloud-provider-aws,...
SUSE SLES15 Security Update : terraform-provider-local, terraform-provider-null (SUSE-SU-2026:2484-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2484-1 advisory. This update for terraform-provider-local, terraform-provider-null fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infini...
GHSA-5WRP-CWCJ-Q835 vulnerabilities
Vulnerabilities for packages: newrelic-k8s-metrics-adapter, knative-kafka-broker, crossplane-fips, cloud-provider-azure-fips, boring-registry, buildah-fips, terraform-fips, azurefile-csi-fips, spicedb-operator-fips, kapp-controller, moby-ryuk-fips, cri-tools, gcsfuse,...
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: newrelic-k8s-metrics-adapter, knative-kafka-broker, crossplane-fips, cloud-provider-azure-fips, boring-registry, buildah-fips, terraform-fips, azurefile-csi-fips, spicedb-operator-fips, kapp-controller, moby-ryuk-fips, cri-tools, gcsfuse,...
SUSE SLES15: terraform-provider-local / terraform-provider-null / etc (SUSE-SU-2026:1411-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1411-1 advisory. This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue...
Security update for terraform-provider-local, terraform-provider-random, terraform-provider-tls
This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue: CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files can lead to the consumption of corrupted files bsc1258097...
SUSE-SU-2026:1411-1 Security update for terraform-provider-local, terraform-provider-random, terraform-provider-tls
This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue: - CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files that can lead to the consumption of corrupted files...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, terraform-docs, spark-operator, pgpool2exporter, gobuster, mkcert, act, aws-sigv4-proxy, zot, portieris, nri-discovery-kubernetes, knative-eventing, kafka-proxy, x509-certificate-exporter, kuberay-operator, bazelisk, snyk-cli,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, terraform-docs, spark-operator, pgpool2exporter, gobuster, act, aws-sigv4-proxy, zot, portieris, nri-discovery-kubernetes, knative-eventing, kafka-proxy, x509-certificate-exporter, kuberay-operator, bazelisk, snyk-cli, dynamic-localpv-provisione...
CVE-2026-27140 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, terraform-docs, spark-operator, pgpool2exporter, gobuster, mkcert, act, nri-memcached, aws-sigv4-proxy, zot, minify, portieris, nri-discovery-kubernetes, knative-eventing, kafka-proxy, x509-certificate-exporter, kuberay-operator, bazelisk,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: docker-cli-buildx, opentelemetry-operator, k3s, kubernetes-dashboard, kubernetes-dashboard-auth, trillian, terraform-docs, rabbitmq-messaging-topology-operator, prometheus, weaviate, aws-flb-cloudwatch, secrets-store-csi-driver, argo-events, prometheus-operator, zot,...
GHSA-GJVH-7JH8-7XHM vulnerabilities
Vulnerabilities for packages: grafana-beyla, kyverno-policy-reporter-ui, knative-kafka-broker, cephcsi, dcgm-exporter-fips, aws-network-policy-agent, flannel-fips, openbao-k8s-fips, crossplane-fips, crossplane-provider-aws-wafv2, cue, lvm-driver, task-fips, pluto-fips, cloud-provider-azure-fips,...
CVE-2026-32280 vulnerabilities
Vulnerabilities for packages: grafana-beyla, kyverno-policy-reporter-ui, knative-kafka-broker, cephcsi, dcgm-exporter-fips, aws-network-policy-agent, flannel-fips, openbao-k8s-fips, crossplane-fips, crossplane-provider-aws-wafv2, cue, lvm-driver, task-fips, pluto-fips, cloud-provider-azure-fips,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: grafana-beyla, kyverno-policy-reporter-ui, knative-kafka-broker, cephcsi, dcgm-exporter-fips, aws-network-policy-agent, flannel-fips, openbao-k8s-fips, crossplane-fips, crossplane-provider-aws-wafv2, cue, lvm-driver, task-fips, pluto-fips, cloud-provider-azure-fips,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: grafana-beyla, kyverno-policy-reporter-ui, knative-kafka-broker, cephcsi, dcgm-exporter-fips, aws-network-policy-agent, flannel-fips, openbao-k8s-fips, crossplane-fips, crossplane-provider-aws-wafv2, cue, lvm-driver, task-fips, pluto-fips, cloud-provider-azure-fips,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: aws-network-policy-agent, timescaledb-tune, task-fips, cue, crossplane-provider-aws-rds-fips, kubeflow, crossplane-provider-aws-kms-fips, mcp-grafana, plugin-barman-cloud, dask-gateway, go-md2man, prometheus-node-exporter, nvidia-container-toolkit-fips, victorialogs,...
GHSA-HFVC-G4FC-PQHX vulnerabilities
Vulnerabilities for packages: docker-cli-buildx, octo-sts, opentelemetry-operator, k3s, clickhouse-operator, k8sgateway, trillian, rabbitmq-messaging-topology-operator, prometheus, weaviate, secrets-store-csi-driver, terraform-provider-grafana, zot, terragrunt, harbor, k6, kubernetes,...
GO-2026-4737 Terraform Provider for ArgoCD has possible exposure to GO-2026-4337 / CVE-2025-68121 in github.com/argoproj-labs/terraform-provider-argocd
Terraform Provider for ArgoCD has possible exposure to GO-2026-4337 / CVE-2025-68121 in github.com/argoproj-labs/terraform-provider-argocd...
GHSA-594F-3595-C47V Terraform Provider for ArgoCD has possible exposure to GO-2026-4337 / CVE-2025-68121
Summary The terraform-provider-argocd might have been vulnerable to GO-2026-4337 / CVE-2025-68121 "Unexpected session resumption in crypto/tls". Details See https://pkg.go.dev/vuln/GO-2026-4337 for the upstream vulnerability. Provider versions starting with v7.15.1 are using go 1.25.8 for buildin...
Terraform Provider for ArgoCD has possible exposure to GO-2026-4337 / CVE-2025-68121
Summary The terraform-provider-argocd might have been vulnerable to GO-2026-4337 / CVE-2025-68121 "Unexpected session resumption in crypto/tls". Details See https://pkg.go.dev/vuln/GO-2026-4337 for the upstream vulnerability. Provider versions starting with v7.15.1 are using go 1.25.8 for buildin...