68 matches found
CLEANSTART-2026-GZ35045 Security fixes for CVE-2024-36537, CVE-2025-47910, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2026-25518, CVE-2026-27143, CVE-2026-27144, CVE-2026-29181, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-32952, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-35469, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-gx3x-vq4p-mhhv, ghsa-hr2v-4r36-88hr, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3, ghsa-pc3f-x583-g7j2, ghsa-pjcq-xvwq-hhpj applied in versions: 2.4.0-r1, 2.4.0-r2, 2.4.0-r3
Multiple security vulnerabilities affect the cert-manager-cmctl-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
cmctl-2.5.0-1.1 on GA media (moderate)
cmctl-2.5.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10672-1 Rating: moderate Cross-References: CVE-2026-32952 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the cmctl-2.5.0-1.1...
OPENSUSE-SU-2026:10672-1 cmctl-2.5.0-1.1 on GA media
These are all security issues fixed in the cmctl-2.5.0-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: chisel, step-ca, fuse-overlayfs-snapshotter, aws-eks-pod-identity-agent, cilium-cli, libnvidia-container, crossplane-provider-azure-storage, yunikorn-web, hugo, cloud-provider-aws, nats, aws-load-balancer-controller, jitsucom-bulker, prometheus-operator,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: chisel, step-ca, fuse-overlayfs-snapshotter, aws-eks-pod-identity-agent, cilium-cli, libnvidia-container, crossplane-provider-azure-storage, yunikorn-web, hugo, cloud-provider-aws, nats, aws-load-balancer-controller, jitsucom-bulker, prometheus-operator,...
CLEANSTART-2026-OL32822 Security fixes for CVE-2024-36537, CVE-2025-47910, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2026-25518, ghsa-gx3x-vq4p-mhhv applied in versions: 2.4.0-r1, 2.4.0-r2
Multiple security vulnerabilities affect the cert-manager-cmctl-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: gomplate, k9s, argo-events, lazygit, guac, crossplane-provider-aws-firehose, trufflehog, cilium-cli, goreleaser, osv-scanner, grafana, crossplane-provider-azure-storage, docker-cli-buildx, pulumi-kubernetes-operator, crossplane-provider-aws-elasticache, kubescape,...
GHSA-Q9HV-HPM4-HJ6X vulnerabilities
Vulnerabilities for packages: gomplate, k9s, argo-events, lazygit, guac, crossplane-provider-aws-firehose, trufflehog, cilium-cli, goreleaser, osv-scanner, grafana, crossplane-provider-azure-storage, docker-cli-buildx, pulumi-kubernetes-operator, crossplane-provider-aws-elasticache, kubescape,...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: flux-kustomize-controller-fips, terraform-provider-azurerm-fips, crossplane-provider-aws-rds, datadog-agent-fips, argo-events, crossplane-provider-aws-memorydb, zot, terraform-provider-azuread, commercial-grafana, crossplane-provider-aws-s3-fips,...
OPENSUSE-SU-2026:10249-1 cmctl-2.4.1-1.1 on GA media
These are all security issues fixed in the cmctl-2.4.1-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-25518 vulnerabilities
Vulnerabilities for packages: opentelemetry-operator-fips, cert-manager-google-cas-issuer, cert-manager-istio-csr-fips, percona-xtradb-cluster-operator, percona-server-mongodb-operator, mariadb-operator, step-issuer-fips, cert-manager-csi-driver, cert-manager-cmctl, cert-manager-openshift-routes,...
CVE-2026-25518 vulnerabilities
Vulnerabilities for packages: opentelemetry-operator, aws-privateca-issuer, step-issuer, percona-server-mongodb-operator, cert-manager-csi-driver, cert-manager-cmctl, cert-manager-webhook-pdns, mariadb-operator, cert-manager-istio-csr...
GHSA-GX3X-VQ4P-MHHV vulnerabilities
Vulnerabilities for packages: opentelemetry-operator, aws-privateca-issuer, step-issuer, percona-server-mongodb-operator, cert-manager-csi-driver, cert-manager-cmctl, cert-manager-webhook-pdns, mariadb-operator, cert-manager-istio-csr...
GHSA-G9Q4-QJX4-2V7Q vulnerabilities
Vulnerabilities for packages: gatekeeper, dask-gateway, helm-operator, fuse-overlayfs-snapshotter, kube-arangodb, kubernetes-dashboard, cert-manager-cmctl, nerdctl, cilium-cli, steampipe, kubo, goreleaser, osv-scanner, eksctl, opentofu, spire-server, rancher-helm, flux, src, scorecard,...
GHSA-CM6P-QC7V-M3JW vulnerabilities
Vulnerabilities for packages: chisel, sealed-secrets, fuse-overlayfs-snapshotter, aws-eks-pod-identity-agent, cilium-cli, cloud-provider-aws, crossplane-provider-aws-elasticache, hivemind, keda, aws-flb-cloudwatch, aws-privateca-issuer, kapp-controller, mc, step-kms-plugin, hubble, capslock,...
GHSA-GM9R-Q53W-2GH4 vulnerabilities
Vulnerabilities for packages: chisel, sealed-secrets, lazygit, mods, fuse-overlayfs-snapshotter, aws-eks-pod-identity-agent, guac, crossplane-provider-aws-firehose, nerdctl, sftpgo-plugin-geoipfilter, cilium-cli, terraform-docs, whereabouts, kubo, goreleaser, osv-scanner, dbmate, eksctl,...
GHSA-GR56-3GP6-6GMJ vulnerabilities
Vulnerabilities for packages: chisel, sealed-secrets, lazygit, mods, fuse-overlayfs-snapshotter, aws-eks-pod-identity-agent, guac, crossplane-provider-aws-firehose, nerdctl, sftpgo-plugin-geoipfilter, cilium-cli, terraform-docs, whereabouts, kubo, goreleaser, osv-scanner, dbmate, eksctl,...
GHSA-XVQR-69V8-F3GV vulnerabilities
Vulnerabilities for packages: chisel, sealed-secrets, fuse-overlayfs-snapshotter, aws-eks-pod-identity-agent, cilium-cli, cloud-provider-aws, crossplane-provider-aws-elasticache, hivemind, keda, aws-flb-cloudwatch, aws-privateca-issuer, kapp-controller, mc, step-kms-plugin, hubble, capslock,...
CVE-2025-61726 vulnerabilities
Vulnerabilities for packages: chisel, sealed-secrets, lazygit, mods, fuse-overlayfs-snapshotter, aws-eks-pod-identity-agent, guac, crossplane-provider-aws-firehose, nerdctl, sftpgo-plugin-geoipfilter, cilium-cli, terraform-docs, whereabouts, kubo, goreleaser, osv-scanner, dbmate, eksctl,...
CLEANSTART-2026-OH86281 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Multiple security vulnerabilities affect the cert-manager-cmctl-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...