5 matches found
GHSA-5VJQ-5JMG-39XQ Renovate affected by remote code execution was possible using the bazel-module or bazelisk managers, when using lockFileMaintenance
When using lockFileMaintenance using the bazel-module or bazelisk managers between Renovate 43.65.0 2026-03-12 and 43.102.11 2026-04-02, there was the opportunity for remote code execution from a malicious dependency, if the Bazel module executes code that relies on a dependency. As this is an...
Renovate affected by remote code execution was possible using the bazel-module or bazelisk managers, when using lockFileMaintenance
When using lockFileMaintenance using the bazel-module or bazelisk managers between Renovate 43.65.0 2026-03-12 and 43.102.11 2026-04-02, there was the opportunity for remote code execution from a malicious dependency, if the Bazel module executes code that relies on a dependency. As this is an...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: dask-gateway, litefs, flux-notification-controller, kube-arangodb, flux-image-reflector-controller, fscrypt, argocd-image-updater, kafkaexporter, envoy-ratelimit, crossplane-provider-azure-storage, speedtest-go, scorecard, kafka-proxy, kpt, aws-efs-csi-driver,...
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: dask-gateway, wireguard-go, grype, kwok, ctop, litefs, flux-image-reflector-controller, newrelic-infrastructure-agent, chartmuseum, nats, pombump, terraform, envoy-ratelimit, speedtest-go, bom, gosu, scorecard, kpt, logstash-exporter, docker-credential-gcr,...
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: dask-gateway, wireguard-go, grype, kwok, ctop, litefs, flux-image-reflector-controller, newrelic-infrastructure-agent, chartmuseum, nats, pombump, terraform, envoy-ratelimit, speedtest-go, bom, gosu, scorecard, kpt, logstash-exporter, docker-credential-gcr,...