377 matches found
CVE-2026-25518 vulnerabilities
Vulnerabilities for packages: aws-privateca-issuer-fips, cert-manager-cmctl-fips, percona-xtradb-cluster-operator-fips, cert-manager-istio-csr, percona-server-mongodb-operator, aws-privateca-issuer, cert-manager-csi-driver-fips, cert-manager-csi-driver, opentelemetry-operator,...
CVE-2026-25518 vulnerabilities
Vulnerabilities for packages: mariadb-operator, percona-server-mongodb-operator, opentelemetry-operator, step-issuer, cert-manager-csi-driver, cert-manager-webhook-pdns, aws-privateca-issuer, cert-manager-cmctl, cert-manager-istio-csr...
GHSA-GX3X-VQ4P-MHHV vulnerabilities
Vulnerabilities for packages: mariadb-operator, percona-server-mongodb-operator, opentelemetry-operator, step-issuer, cert-manager-csi-driver, cert-manager-webhook-pdns, aws-privateca-issuer, cert-manager-cmctl, cert-manager-istio-csr...
GHSA-GX3X-VQ4P-MHHV vulnerabilities
Vulnerabilities for packages: aws-privateca-issuer-fips, cert-manager-cmctl-fips, percona-xtradb-cluster-operator-fips, cert-manager-istio-csr, percona-server-mongodb-operator, aws-privateca-issuer, cert-manager-csi-driver-fips, cert-manager-csi-driver, opentelemetry-operator,...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS via the DNS cache. An attacker can cause the controller to panic and become unavailable by inserting a specially crafted DNS response into the cache, either by intercepting and modifying DNS traffic or by controlli...
GHSA-GX3X-VQ4P-MHHV cert-manager-controller DoS via Specially Crafted DNS Response
Impact The cert-manager-controller performs DNS lookups during ACME DNS-01 processing for zone discovery and propagation self-checks. By default, these lookups use standard unencrypted DNS. An attacker who can intercept and modify DNS traffic from the cert-manager-controller pod can insert a...
cert-manager-controller DoS via Specially Crafted DNS Response
Impact The cert-manager-controller performs DNS lookups during ACME DNS-01 processing for zone discovery and propagation self-checks. By default, these lookups use standard unencrypted DNS. An attacker who can intercept and modify DNS traffic from the cert-manager-controller pod can insert a...
PT-2026-6430
Impact The cert-manager-controller performs DNS lookups during ACME DNS-01 processing for zone discovery and propagation self-checks. By default, these lookups use standard unencrypted DNS. An attacker who can intercept and modify DNS traffic from the cert-manager-controller pod can insert a...
PT-2026-6308
Name of the Vulnerable Software and Affected Versions cert-manager versions 1.18.0 through 1.18.4 cert-manager versions 1.19.0 through 1.19.2 Description cert-manager simplifies the process of obtaining, renewing, and using certificates in Kubernetes clusters. The cert-manager-controller performs...
CVE-2025-61728 vulnerabilities
Vulnerabilities for packages: conftest, kubevela-fips, redis-operator-fips, flux-helm-controller-fips, trufflehog-fips, nerdctl, ingress-nginx-controller, datadog-agent-fips, external-secrets-operator-fips, flux-notification-controller, gitlab-rails-ce, gitness, kubeflow-katib, opentofu-fips, bom...
GHSA-G9Q4-QJX4-2V7Q vulnerabilities
Vulnerabilities for packages: nerdctl, kubernetes-dashboard-api, dask-gateway, kine, minio, eksctl, argo-cd, flux-image-automation-controller, kube-arangodb, helm-operator, kubernetes-dns-node-cache, gitness, opensearch-k8s-operator, opentofu, conftest, cert-manager-cmctl, scorecard, ferretdb, sr...
CVE-2025-61728 vulnerabilities
Vulnerabilities for packages: nerdctl, kubernetes-dashboard-api, dask-gateway, kine, minio, eksctl, argo-cd, flux-image-automation-controller, kube-arangodb, helm-operator, kubernetes-dns-node-cache, gitness, opensearch-k8s-operator, opentofu, conftest, cert-manager-cmctl, scorecard, ferretdb, sr...
GHSA-XVQR-69V8-F3GV vulnerabilities
Vulnerabilities for packages: amass, nri-postgresql, kyverno-policy-reporter-ui, kubernetes-dns-node-cache, kubernetes-dashboard, container-object-storage-interface, cloud-provider-vsphere, sealed-secrets, k8sgateway, swagger, timoni, crossplane-provider-aws-ec2, modelmesh-runtime-adapter,...
GHSA-GR56-3GP6-6GMJ vulnerabilities
Vulnerabilities for packages: crossplane-provider-family-aws, dask-gateway, amass, govulncheck, kine, spqr, nri-postgresql, openbao-k8s, local-static-provisioner, aws-signer-notation-plugin, ipfs-cluster, rancher-system-upgrade-controller, restic, kyverno-policy-reporter-ui, wgcf,...
GHSA-CM6P-QC7V-M3JW vulnerabilities
Vulnerabilities for packages: amass, nri-postgresql, kyverno-policy-reporter-ui, kubernetes-dns-node-cache, kubernetes-dashboard, container-object-storage-interface, cloud-provider-vsphere, sealed-secrets, k8sgateway, swagger, timoni, crossplane-provider-aws-ec2, modelmesh-runtime-adapter,...
CVE-2025-61731 vulnerabilities
Vulnerabilities for packages: amass, nri-postgresql, kyverno-policy-reporter-ui, kubernetes-dns-node-cache, kubernetes-dashboard, container-object-storage-interface, cloud-provider-vsphere, sealed-secrets, k8sgateway, swagger, timoni, crossplane-provider-aws-ec2, modelmesh-runtime-adapter,...
GHSA-GM9R-Q53W-2GH4 vulnerabilities
Vulnerabilities for packages: crossplane-provider-family-aws, dask-gateway, amass, kine, spqr, nri-postgresql, openbao-k8s, local-static-provisioner, aws-signer-notation-plugin, ipfs-cluster, rancher-system-upgrade-controller, restic, kyverno-policy-reporter-ui, wgcf, kubernetes-dns-node-cache,...
CVE-2025-68119 vulnerabilities
Vulnerabilities for packages: amass, nri-postgresql, kyverno-policy-reporter-ui, kubernetes-dns-node-cache, kubernetes-dashboard, container-object-storage-interface, cloud-provider-vsphere, sealed-secrets, k8sgateway, swagger, timoni, crossplane-provider-aws-ec2, modelmesh-runtime-adapter,...
CVE-2025-61726 vulnerabilities
Vulnerabilities for packages: crossplane-provider-family-aws, dask-gateway, amass, kine, spqr, nri-postgresql, openbao-k8s, local-static-provisioner, aws-signer-notation-plugin, ipfs-cluster, rancher-system-upgrade-controller, restic, kyverno-policy-reporter-ui, wgcf, kubernetes-dns-node-cache,...
CLEANSTART-2026-YC48827 Within HostnameError
Multiple security vulnerabilities affect the cert-manager-fips package. Within HostnameError. See references for individual vulnerability details...