135 matches found
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: gatus, witness, prometheus-operator, terragrunt, neuvector-sigstore-interface, k8sgpt, rancher-agent, argo-events, containerd, pulumi-language-dotnet, kubernetes-dashboard, flux-kustomize-controller, syft, cert-manager, kubernetes, step, dagger, buildkitd, hcloud,...
SUSE SLES15 Security Update : terraform-provider-local, terraform-provider-null (SUSE-SU-2026:2484-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2484-1 advisory. This update for terraform-provider-local, terraform-provider-null fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infini...
GHSA-5WRP-CWCJ-Q835 vulnerabilities
Vulnerabilities for packages: loki-fips, aws-node-termination-handler-fips, neuvector-scanner-fips, falcoctl, crossplane-provider-azure-streamanalytics, envoy-gateway, nuclei, crossplane-provider-aws-elasticsearch-fips, amazon-cloudwatch-agent-operator-fips, azurefile-csi-fips, loki, k3s,...
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: loki-fips, aws-node-termination-handler-fips, neuvector-scanner-fips, falcoctl, crossplane-provider-azure-streamanalytics, envoy-gateway, nuclei, crossplane-provider-aws-elasticsearch-fips, amazon-cloudwatch-agent-operator-fips, azurefile-csi-fips, loki, k3s,...
SUSE SLES15: terraform-provider-local / terraform-provider-null / etc (SUSE-SU-2026:1411-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1411-1 advisory. This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue...
Security update for terraform-provider-local, terraform-provider-random, terraform-provider-tls
This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue: CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files can lead to the consumption of corrupted files bsc1258097...
SUSE-SU-2026:1411-1 Security update for terraform-provider-local, terraform-provider-random, terraform-provider-tls
This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue: - CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files that can lead to the consumption of corrupted files...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: go-licenses, witness, kubernetes-dashboard-web, secrets-store-csi-driver-provider-aws, vale, metacontroller, helm-push, opentelemetry-operator, regclient, aws-sigv4-proxy, nri-postgresql, falco-exporter, thanos-operator, argo-events, kubernetes-dashboard,...
CVE-2026-27140 vulnerabilities
Vulnerabilities for packages: go-licenses, flannel-cni-plugin, witness, kubernetes-dashboard-web, fq, secrets-store-csi-driver-provider-aws, vale, metacontroller, helm-push, opentelemetry-operator, regclient, aws-sigv4-proxy, kubecolor, nri-postgresql, velero-plugin-for-csi, falco-exporter,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: go-licenses, witness, kubernetes-dashboard-web, secrets-store-csi-driver-provider-aws, vale, metacontroller, helm-push, opentelemetry-operator, regclient, aws-sigv4-proxy, nri-postgresql, falco-exporter, thanos-operator, argo-events, kubernetes-dashboard,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: gatus, knative-client, delve, knative-eventing, cloud-provider-vsphere, witness, crossplane-provider-sql, kubernetes-dashboard-web, prometheus-operator, kube-fluentd-operator, secrets-store-csi-driver-provider-aws, x509-certificate-exporter, datadog-agent, grpcurl,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, age, loki-fips, azurefile-csi-fips, monstache, deck-fips, tkn-fips, wazero-fips, vertical-pod-autoscaler-fips, crossplane-provider-sql-fips, json-exporter, k8ssandra-operator, rabbitmq-messaging-topology-operator-fips, kaf, crossplane-fips, mailpit,...
GHSA-GJVH-7JH8-7XHM vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, loki-fips, kube-logging-operator-custom-runner, local-static-provisioner, neuvector-scanner-fips, falcoctl, buildkite-agent, envoy-gateway, minc, nuclei, aws-network-policy-agent, amazon-cloudwatch-agent-operator-fips, apache-exporter,...
CVE-2026-32280 vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, loki-fips, kube-logging-operator-custom-runner, local-static-provisioner, neuvector-scanner-fips, falcoctl, buildkite-agent, envoy-gateway, minc, nuclei, aws-network-policy-agent, amazon-cloudwatch-agent-operator-fips, apache-exporter,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, loki-fips, kube-logging-operator-custom-runner, local-static-provisioner, neuvector-scanner-fips, falcoctl, buildkite-agent, envoy-gateway, minc, nuclei, aws-network-policy-agent, amazon-cloudwatch-agent-operator-fips, apache-exporter,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, loki-fips, kube-logging-operator-custom-runner, local-static-provisioner, neuvector-scanner-fips, falcoctl, buildkite-agent, envoy-gateway, minc, nuclei, aws-network-policy-agent, amazon-cloudwatch-agent-operator-fips, apache-exporter,...
GHSA-HFVC-G4FC-PQHX vulnerabilities
Vulnerabilities for packages: hydra, knative-eventing, cloud-provider-vsphere, tekton-pipelines, witness, crossplane-provider-sql, rancher-webhook, traefik, terragrunt, rancher-system-agent, crossplane-provider-family-aws, datadog-agent, calico, neuvector-sigstore-interface, jaeger, k8sgpt, xeol,...
GO-2026-4737 Terraform Provider for ArgoCD has possible exposure to GO-2026-4337 / CVE-2025-68121 in github.com/argoproj-labs/terraform-provider-argocd
Terraform Provider for ArgoCD has possible exposure to GO-2026-4337 / CVE-2025-68121 in github.com/argoproj-labs/terraform-provider-argocd...
GHSA-594F-3595-C47V Terraform Provider for ArgoCD has possible exposure to GO-2026-4337 / CVE-2025-68121
Summary The terraform-provider-argocd might have been vulnerable to GO-2026-4337 / CVE-2025-68121 "Unexpected session resumption in crypto/tls". Details See https://pkg.go.dev/vuln/GO-2026-4337 for the upstream vulnerability. Provider versions starting with v7.15.1 are using go 1.25.8 for buildin...
Terraform Provider for ArgoCD has possible exposure to GO-2026-4337 / CVE-2025-68121
Summary The terraform-provider-argocd might have been vulnerable to GO-2026-4337 / CVE-2025-68121 "Unexpected session resumption in crypto/tls". Details See https://pkg.go.dev/vuln/GO-2026-4337 for the upstream vulnerability. Provider versions starting with v7.15.1 are using go 1.25.8 for buildin...