377 matches found
CVE-2026-39350 vulnerabilities
Vulnerabilities for packages: cert-manager-istio-csr...
GHSA-9GCG-W975-3RJH vulnerabilities
Vulnerabilities for packages: cert-manager-istio-csr...
PT-2026-33182
Name of the Vulnerable Software and Affected Versions Istio versions 1.25.0 through 1.27.8 Istio versions 1.28.0 through 1.28.5 Istio versions 1.29.0 through 1.29.1 Description In the AuthorizationPolicy, the serviceAccounts and notServiceAccounts fields incorrectly interpret dots . as regular...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: kubescape, jitsucom-bulker, nri-consul, spire-server, xeol, s5cmd, datadog-agent, rancher, dask-gateway, aws-application-networking-k8s, cosign, harbor-scanner-trivy, dapr, cerbos, cilium, coredns, step-issuer, bom, cilium-cli, nri-prometheus, knative-operator, frp,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: litestream, gitsign, flux-source-controller, kubernetes-dashboard, mc, telegraf, crossplane, kubescape, jitsucom-bulker, gatus, kubescape-operator, flux-helm-controller, harbor, crossplane-provider-azure-managedidentity, spire-server, certificate-transparency,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: litestream, gitsign, flux-source-controller, kubernetes-dashboard, mc, telegraf, crossplane, kubescape, jitsucom-bulker, gatus, kubescape-operator, flux-helm-controller, harbor, crossplane-provider-azure-managedidentity, spire-server, certificate-transparency,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: kubescape, jitsucom-bulker, nri-consul, spire-server, xeol, s5cmd, datadog-agent, rancher, dask-gateway, aws-application-networking-k8s, cosign, harbor-scanner-trivy, mkcert, dapr, cerbos, cilium, coredns, step-issuer, opentelemetry-collector, bom, cilium-cli,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: prometheus-blackbox-exporter-fips, kubernetes-csi-driver-nfs-fips, docker-machine-driver-linode, helm-fips, tofu-controller-fips, step-ca-fips, traefik-fips, kubernetes-dashboard-web, grafana-mimir, volume-modifier-for-k8s, kubernetes, rancher-fleet, cadvisor,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: mongodb-kubernetes-operator-fips, newrelic-k8s-metadata-injection, kubernetes-csi-driver-nfs-fips, tofu-controller-fips, traefik-fips, volume-modifier-for-k8s, rancher-fleet, kube-state-metrics, rke2-runtime-fips, velero-plugin-for-microsoft-azure,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: mongodb-kubernetes-operator-fips, crane, newrelic-k8s-metadata-injection, prometheus-blackbox-exporter-fips, aws-iam-authenticator-fips, amazon-eks-ami, kubernetes-csi-driver-nfs-fips, amazon-ssm-agent, prometheus-beat-exporter-fips, rekor-fips,...
CLEANSTART-2026-MI26424 net/url package does not set a limit on the number of query parameters in a query
Multiple security vulnerabilities affect the cert-manager package. The net/url package does not set a limit on the number of query parameters in a query. See references for individual vulnerability details...
CLEANSTART-2026-BY59711 gRPC-Go is the Go language implementation of gRPC
Multiple security vulnerabilities affect the cert-manager-webhook-pdns-fips package. gRPC-Go is the Go language implementation of gRPC. See references for individual vulnerability details...
Security Bulletin: IBM App Connect Enterprise Certified Container operator is vulnerable to denial of service (CVE-2026-25518)
Summary Golang module cert-manager/cert-manager is used by IBM App Connect Enterprise Certified Container for interacting with the Kubernetes cluster cert-manager. IBM App Connect Enterprise Certified Container operator is vulnerable to denial of service. This bulletin provides patch information ...
CVE-2026-34986 vulnerabilities
Vulnerabilities for packages: velero, omni, amazon-ssm-agent, headlamp, rekor-fips, step-ca-fips, traefik-fips, grafana-mimir, cloudflared, terraform-provider-acme-fips, syft, kaniko, tekton-pipelines-fips, livekit-server-fips, seaweedfs-operator, task-fips, chainloop-cli, gitlab-kas, tflint,...
GHSA-78H2-9FRX-2JM8 vulnerabilities
Vulnerabilities for packages: velero, omni, amazon-ssm-agent, headlamp, rekor-fips, step-ca-fips, traefik-fips, grafana-mimir, cloudflared, terraform-provider-acme-fips, syft, kaniko, tekton-pipelines-fips, livekit-server-fips, seaweedfs-operator, task-fips, chainloop-cli, gitlab-kas, tflint,...
CLEANSTART-2026-DS01292 Security fixes for CVE-2025-47910, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, CVE-2026-27141, ghsa-9h8m-3fm2-qjrq applied in versions: 1.19.1-r0, 1.19.2-r0, 1.19.2-r1
Multiple security vulnerabilities affect the cert-manager-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-AL75891 Security fixes for CVE-2026-24051, ghsa-9h8m-3fm2-qjrq applied in versions: 1.19.2-r0
Multiple security vulnerabilities affect the cert-manager package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-OL32822 Security fixes for CVE-2024-36537, CVE-2025-47910, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2026-25518, ghsa-gx3x-vq4p-mhhv applied in versions: 2.4.0-r1, 2.4.0-r2
Multiple security vulnerabilities affect the cert-manager-cmctl-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
Important: Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.17.1
cert-manager Operator for Red Hat OpenShift 1.17.1 The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide certificates-as-a-service to...
CVE-2025-47911 affecting package cert-manager for versions less than 1.12.15-6
CVE-2025-47911 affecting package cert-manager for versions less than 1.12.15-6. A patched version of the package is available...