Lucene search
+L

5 matches found

OSV
OSV
added 2026/04/16 1:34 a.m.5 views

GHSA-5VJQ-5JMG-39XQ Renovate affected by remote code execution was possible using the bazel-module or bazelisk managers, when using lockFileMaintenance

When using lockFileMaintenance using the bazel-module or bazelisk managers between Renovate 43.65.0 2026-03-12 and 43.102.11 2026-04-02, there was the opportunity for remote code execution from a malicious dependency, if the Bazel module executes code that relies on a dependency. As this is an...

6.3CVSS6.4AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/16 1:34 a.m.16 views

Renovate affected by remote code execution was possible using the bazel-module or bazelisk managers, when using lockFileMaintenance

When using lockFileMaintenance using the bazel-module or bazelisk managers between Renovate 43.65.0 2026-03-12 and 43.102.11 2026-04-02, there was the opportunity for remote code execution from a malicious dependency, if the Bazel module executes code that relies on a dependency. As this is an...

6.4AI score
Exploits0References3Affected Software1
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.16 views

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: dask-gateway, litefs, flux-notification-controller, kube-arangodb, flux-image-reflector-controller, fscrypt, argocd-image-updater, kafkaexporter, envoy-ratelimit, crossplane-provider-azure-storage, speedtest-go, scorecard, kafka-proxy, kpt, aws-efs-csi-driver,...

7.5CVSS7.1AI score0.00349EPSS
Exploits0
Wolfi
Wolfi
added 2025/02/25 3:16 p.m.55 views

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: dask-gateway, wireguard-go, grype, kwok, ctop, litefs, flux-image-reflector-controller, newrelic-infrastructure-agent, chartmuseum, nats, pombump, terraform, envoy-ratelimit, speedtest-go, bom, gosu, scorecard, kpt, logstash-exporter, docker-credential-gcr,...

5.3AI score
Exploits0
Wolfi
Wolfi
added 2025/02/25 3:16 p.m.66 views

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: dask-gateway, wireguard-go, grype, kwok, ctop, litefs, flux-image-reflector-controller, newrelic-infrastructure-agent, chartmuseum, nats, pombump, terraform, envoy-ratelimit, speedtest-go, bom, gosu, scorecard, kpt, logstash-exporter, docker-credential-gcr,...

5.3AI score
Exploits0
Rows per page
Query Builder