14 matches found
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: packer-fips, rancher-agent, rancher, opentofu, minio-fips, rclone, flux-source-controller, versitygw, cloudbeat-fips, trufflehog-fips, openbao, cert-manager-istio-csr-fips, cert-manager-fips, seaweedfs-rocksdb, ratify-fips, cert-manager-openshift-routes-fips,...
CLEANSTART-2026-DS01292 Security fixes for CVE-2025-47910, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, CVE-2026-27141, ghsa-9h8m-3fm2-qjrq applied in versions: 1.19.1-r0, 1.19.2-r0, 1.19.2-r1
Multiple security vulnerabilities affect the cert-manager-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-SM37781 Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
Multiple security vulnerabilities affect the cert-manager-fips package. Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic See references for individual vulnerability details...
CVE-2025-61728 vulnerabilities
Vulnerabilities for packages: argo-cd, packer-fips, rancher-agent, apm-server-fips, opentofu, calico, gitlab-workhorse-ce-fips, apm-server, traefik, cloudbeat-fips, steampipe, trufflehog-fips, src, goreleaser, k9s-fips, kubo, loki, conftest-fips, gatekeeper-fips, flux-notification-controller, k3s...
CLEANSTART-2026-YC48827 Within HostnameError
Multiple security vulnerabilities affect the cert-manager-fips package. Within HostnameError. See references for individual vulnerability details...
CLEANSTART-2026-DP30290 processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input
Multiple security vulnerabilities affect the cert-manager-fips package. The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. See references for individual vulnerability details...
GHSA-GHW8-3XQW-HHCJ vulnerabilities
Vulnerabilities for packages: step-issuer, cert-manager-cmctl-fips, step-issuer-fips, aws-privateca-issuer, cert-manager-webhook-pdns-fips, cert-exporter, aws-privateca-issuer-fips, cert-manager-fips, cert-manager-webhook-pdns, cert-manager, cert-manager-istio-csr, cert-manager-cmctl,...
GHSA-56W8-48FP-6MGV vulnerabilities
Vulnerabilities for packages: k3s, gitlab-rails-ce-fips, backup-restore-operator, gitlab-rails-ce, falco-no-driver, rke2-runtime-fips, terraform, vault, cert-manager-fips, consul-k8s...
CVE-2025-47913 vulnerabilities
Vulnerabilities for packages: k3s, gitlab-rails-ce-fips, backup-restore-operator, gitlab-rails-ce, falco-no-driver, rke2-runtime-fips, terraform, vault, cert-manager-fips, consul-k8s...
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: logstash-exporter, prometheus-adapter, clusterctl, aws-efs-csi-driver-fips, crossplane-provider-azure-storage, flux-source-controller, protoc-gen-go-grpc, spire-server-fips, goreleaser, flux-notification-controller, kuberay-operator, crossplane-provider-aws-cloudfron...
GHSA-XW73-RW38-6VJC vulnerabilities
Vulnerabilities for packages: docker-credential-gcr, flux-helm-controller, trivy, aactl, tekton-chains, datadog-agent, cosign-fips, zarf, zot, k3d, kargo, ko-fips, guac, gitsign, argo-workflows, bom, newrelic-infrastructure-agent, pulumi, k8sgpt, policy-controller-fips,...
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: docker-credential-gcr, flux-helm-controller, trivy, aactl, tekton-chains, datadog-agent, cosign-fips, zarf, zot, k3d, kargo, ko-fips, guac, gitsign, argo-workflows, bom, newrelic-infrastructure-agent, pulumi, k8sgpt, policy-controller-fips,...
GHSA-JQ35-85CJ-FJ4P vulnerabilities
Vulnerabilities for packages: aactl, tekton-chains, rancher-agent, k3d, bom, falcoctl-fips, spire-server-fips, up, falco, chartmuseum, skaffold, paranoia, k3s, kpt, scorecard, cert-manager, slsa-verifier, ctop, kubescape...
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: flux-helm-controller, gke-gcloud-auth-plugin, coredns, metacontroller, nodetaint, secrets-store-csi-driver, prometheus-adapter, aws-efs-csi-driver-fips, k3d, flux-source-controller, metrics-server-fips, prometheus-pushgateway-fips, src, rqlite, kiam,...