CLEANSTART-2026-GV56027 Security fixes for ghsa-58pv-8j8x-9vj2, ghsa-jm66-cg57-jjv5, ghsa-mrfv-m5wm-5w6w applied in versions: 2.81.0-r0

Multiple security vulnerabilities affect the az package. These issues are resolved in later releases. See references for individual vulnerability details...

GHSA-JM66-CG57-JJV5 vulnerabilities

Vulnerabilities for packages: az, open-webui, airflow, py3-cassandra-medusa, kserve...

GHSA-JM66-CG57-JJV5 vulnerabilities

Vulnerabilities for packages: kserve, pgadmin4, awx, open-webui, authentik-fips, authentik, az, request-1276, py3-cassandra-medusa, airflow, duplicity, barman...

CVE-2025-23727

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in antonzaroutski AZ Content Finder az-content-finder allows Reflected XSS.This issue affects AZ Content Finder: from n/a through = 0.1...

CVE-2025-69277 vulnerabilities

Vulnerabilities for packages: datadog-agent, superset, az...

GHSA-MRFV-M5WM-5W6W vulnerabilities

Vulnerabilities for packages: datadog-agent, superset, az...

CVE-2026-21441 vulnerabilities

Vulnerabilities for packages: az, k8s-sidecar, open-webui, dask-kubernetes, ggshield, dask-gateway, pypy-3.11, confluent-docker-utils, kubeflow-katib, emissary, kubeflow-volumes-web-app, tensorflow-cpu-jupyter, mlflow, airflow, py3-cassandra-medusa, jupyter-base-notebook, kubeflow-pipelines,...

CVE-2025-69277 vulnerabilities

Vulnerabilities for packages: superset, datadog-agent, pgadmin4, datadog-agent-fips, az...

CVE-2026-21441 vulnerabilities

Vulnerabilities for packages: kserve, mlflow, checkov, awx, py3.13-scanner-test-libraries, authentik, label-studio, az, ansible-operator, nemo, datadog-agent, pypy-3.10, kubeflow-volumes-web-app, datadog-agent-fips, kubeflow-jupyter-web-app, airflow, localstack,...

GHSA-MRFV-M5WM-5W6W vulnerabilities

Vulnerabilities for packages: superset, datadog-agent, pgadmin4, datadog-agent-fips, az...

GHSA-38JV-5279-WG99 vulnerabilities

Vulnerabilities for packages: kserve, mlflow, checkov, awx, py3.13-scanner-test-libraries, authentik, label-studio, az, ansible-operator, nemo, datadog-agent, pypy-3.10, kubeflow-volumes-web-app, datadog-agent-fips, kubeflow-jupyter-web-app, airflow, localstack,...

EUVD-2006-2679

Malware in sbrugna...

EUVD-2019-4963

Malware in sbrugna...

EUVD-2001-0433

Malware in sbrugna...

EUVD-2006-0414

Malware in sbrugna...

EUVD-2005-1203

Malware in sbrugna...

EUVD-2025-3374

Malicious code in bioql PyPI...

Malicious code in az-css (npm)

The package az-css was found to contain malicious code...

Malicious code in @zalastax/nolb-az_ (npm)

The package @zalastax/nolb-az was found to contain malicious code...

MAL-2025-15252 Malicious code in az-bundler (npm)

The package az-bundler was found to contain malicious code...