Lucene search
+L

377 matches found

Wolfi
Wolfi
added 2024/02/15 3:34 p.m.25 views

GHSA-V53G-5GJP-272R vulnerabilities

Vulnerabilities for packages: cilium-cli, kubescape, k8sgpt, helm-operator, up, trivy, k9s, zot, flux-helm-controller, eksctl, chartmuseum, flux-source-controller, kots, kubevela, helm-push, zarf...

5.3AI score
Exploits0
OSV
OSV
added 2024/02/15 12:15 a.m.8 views

AZL-34355 CVE-2024-25620 affecting package cert-manager for versions less than 1.11.2-12

Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the Chart.yaml file includes a relative path change, the chart would be saved outside its expected directory based on the...

6.4CVSS6.8AI score0.00567EPSS
Exploits0References1
Chainguard
Chainguard
added 2024/02/15 12:15 a.m.70 views

CVE-2024-25620 vulnerabilities

Vulnerabilities for packages: trivy, kubescape, cert-manager-fips, flux-helm-controller, up, chartmuseum, cert-manager, eksctl, kots, zarf, zot, cilium-cli, flux-source-controller, k8sgpt, helm-push, k9s, helm-operator, kubevela...

6.4CVSS6.7AI score0.00567EPSS
Exploits0
Chainguard
Chainguard
added 2024/02/01 8:51 p.m.52 views

GHSA-XW73-RW38-6VJC vulnerabilities

Vulnerabilities for packages: skaffold, k3s, helm-operator-fips, chartmuseum, dagger, docker-credential-gcr, eksctl, skopeo, datadog-agent-fips, zot, buildkitd, goreleaser, k9s, kubevela, cadvisor, helm, timoni, ctop, argo-workflows-fips, cri-tools, crane, kpt, datadog-agent, argo-workflows,...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2024/02/01 5:15 p.m.51 views

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: skaffold, k3s, helm-operator-fips, chartmuseum, dagger, docker-credential-gcr, eksctl, skopeo, datadog-agent-fips, zot, buildkitd, goreleaser, k9s, kubevela, cadvisor, helm, timoni, ctop, argo-workflows-fips, cri-tools, crane, kpt, datadog-agent, argo-workflows,...

7.8CVSS6.8AI score0.00258EPSS
Exploits0
Chainguard
Chainguard
added 2023/12/19 9:17 p.m.80 views

GHSA-7WW5-4WQC-M92C vulnerabilities

Vulnerabilities for packages: skaffold, kaniko, rancher-agent, grype, gitness, eksctl, zot, buildkitd, kubevela, helm, fuse-overlayfs-snapshotter, melange, ctop, flux-source-controller, k3d, trivy, kubescape, cert-manager-fips, newrelic-infrastructure-agent, cilium-cli, k8sgpt,...

5.2AI score
Exploits0
Chainguard
Chainguard
added 2023/12/18 7:22 p.m.38 views

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: tigera-operator-fips, kyverno-policy-reporter, kubeflow, kaf, trillian-fips, eksctl, skopeo, zot, kubeflow-pipelines, prometheus-bind-exporter, kubeflow-fips, gomplate, temporal-ui-server-fips, flux-kustomize-controller, metrics-server-fips, prometheus-mysqld-exporte...

5.2AI score
Exploits0
OSV
OSV
added 2023/12/18 4:15 p.m.8 views

AZL-34581 CVE-2023-48795 affecting package cert-manager for versions less than 1.12.12-1

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...

5.9CVSS6.7AI score0.93305EPSS
Exploits4References1
OSV
OSV
added 2023/12/18 4:15 p.m.7 views

AZL-32195 CVE-2023-48795 affecting package cert-manager for versions less than 1.11.2-7

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...

5.9CVSS6.7AI score0.93305EPSS
Exploits4References1
OSV
OSV
added 2023/12/08 10:15 p.m.9 views

AZL-34585 CVE-2023-6337 affecting package cert-manager for versions less than 1.12.12-1

HashiCorp Vault and Vault Enterprise 1.12.0 and newer are vulnerable to a denial of service through memory exhaustion of the host when handling large unauthenticated and authenticated HTTP requests from a client. Vault will attempt to map the request to memory, resulting in the exhaustion of...

7.5CVSS7.2AI score0.00792EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/11/20 11:46 a.m.15 views

CVE-2023-46100 Cert manager has a use of uninitialized resource vulnerability

in OpenHarmony v3.2.2 and prior versions allow a local attacker get sensitive buffer information through use of uninitialized resource...

6.2CVSS6.5AI score0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/11/20 11:46 a.m.14 views

CVE-2023-46100 Cert manager has a use of uninitialized resource vulnerability

in OpenHarmony v3.2.2 and prior versions allow a local attacker get sensitive buffer information through use of uninitialized resource...

6.2CVSS6.6AI score0.0021EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/11/15 3:12 a.m.66 views

Important: Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.12.1

cert-manager Operator for Red Hat OpenShift 1.12.1 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS7AI score0.99999EPSS
Exploits20References6
RedHat Linux
RedHat Linux
added 2023/11/15 1:8 a.m.67 views

Important: Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.11.5

cert-manager Operator for Red Hat OpenShift 1.11.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS7AI score0.03796EPSS
Exploits0References6
Wolfi
Wolfi
added 2023/11/10 7:15 p.m.90 views

CVE-2023-47108 vulnerabilities

Vulnerabilities for packages: kubescape, kubernetes-csi-external-resizer, cri-tools, k3s, kine, buildkitd, temporal, temporal-server, volume-modifier-for-k8s, metrics-server, docker-compose, kubernetes, kubevela, envoy-ratelimit...

7.5CVSS6.8AI score0.01592EPSS
Exploits0
Chainguard
Chainguard
added 2023/10/30 3:25 p.m.59 views

GHSA-JQ35-85CJ-FJ4P vulnerabilities

Vulnerabilities for packages: skaffold, k3s, rancher-agent, chartmuseum, ctop, kpt, k3d, kubescape, slsa-verifier, falcoctl-fips, tekton-chains, aactl, bom, paranoia, scorecard, spire-server-fips, cert-manager, up, falco...

5.3AI score
Exploits0
Wolfi
Wolfi
added 2023/10/25 9:17 p.m.179 views

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: kubescape, scorecard, kubeflow, cortex, slsa-verifier, dgraph, up, buildkitd, terraform-provider-sendgrid, src, kubevela, k3d, spark-operator, aactl, prometheus-blackbox-exporter, falco...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2023/10/25 9:17 p.m.87 views

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver-fips, kubeflow, conftest-fips, dgraph, cortex, kiam, buildkitd, kubernetes-csi-livenessprobe-fips, kubevela, kubeflow-fips, prometheus-blackbox-exporter, prometheus-stackdriver-exporter, terraform-provider-sendgrid-fips, volume-modifier-for-k8s-fip...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2023/10/16 2:1 p.m.50 views

GHSA-RCJV-MGP8-QVMR vulnerabilities

Vulnerabilities for packages: caddy, prometheus-adapter, k3s, rancher-webhook, kube-oidc-proxy, cert-manager, kubernetes-fips, metrics-server-fips, buildkitd, kubernetes, up, kubevela, rancher-webhook-fips...

5.3AI score
Exploits0
CBLMariner
CBLMariner
added 2023/10/12 7:11 p.m.21 views

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is available...

7.5CVSS8.3AI score0.03796EPSS
Exploits0
Rows per page
Query Builder