47 matches found
CVE-2026-50195 vulnerabilities
Vulnerabilities for packages: kaniko, trivy, docker-fips, cloudbeat-fips, grype-db, neuvector-scanner-fips, chainctl, spegel-fips, grype, docker-cli-buildx, neuvector-scanner, k9s, livekit-cli, zarf-fips, grype-fips, cloudbeat, manifest-tool, kube-mgmt, kubescape-server, packer-fips, syft,...
GHSA-33VJ-92QQ-66HC vulnerabilities
Vulnerabilities for packages: kaniko, trivy, docker-fips, cloudbeat-fips, grype-db, neuvector-scanner-fips, chainctl, spegel-fips, grype, docker-cli-buildx, neuvector-scanner, k9s, livekit-cli, zarf-fips, grype-fips, cloudbeat, manifest-tool, kube-mgmt, kubescape-server, packer-fips, syft,...
kas-dagger-utils (=1.0.0) potentially affected by CVE-2026-47192 via kas (=4.8.2)
kas PYPI version =4.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on kas and may be impacted: - kas-dagger-utils =1.0.0 Source cves: CVE-2026-47192 Source advisory: OSV:GHSA-4VQC-WPWG-VH7J...
kas-dagger-utils (=1.0.0) potentially affected by CVE-2026-47191 via kas (=4.8.2)
kas PYPI version =4.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on kas and may be impacted: - kas-dagger-utils =1.0.0 Source cves: CVE-2026-47191 Source advisory: OSV:GHSA-QJWP-HRQ6-R26R...
CVE-2026-32285 vulnerabilities
Vulnerabilities for packages: terragrunt, kubevela, goreleaser, k8sgpt, nfpm, dgraph, malcontent, opentelemetry-collector, tempo, grafana, grafana-alloy, minio, loki, k3s, cri-tools, dagger, rclone, terraform-mcp-server, nuclei, gitlab-runner, lazygit, opentelemetry-collector-contrib, redpanda,...
GHSA-6G7G-W4F8-9C9X vulnerabilities
Vulnerabilities for packages: terragrunt, kubevela, goreleaser, k8sgpt, nfpm, dgraph, malcontent, opentelemetry-collector, tempo, grafana, grafana-alloy, minio, loki, k3s, cri-tools, dagger, rclone, terraform-mcp-server, nuclei, gitlab-runner, lazygit, opentelemetry-collector-contrib, redpanda,...
GHSA-6G7G-W4F8-9C9X vulnerabilities
Vulnerabilities for packages: chainloop-cli, chainloop-control-plane, gitlab-runner, nfpm, opentelemetry-collector-contrib, cri-tools, mcp-grafana-fips, deck-fips, opentelemetry-collector, jfrog-cli, chainloop-control-plane-fips, prometheus, tempo, terragrunt-fips, redpanda, gitlab-runner-fips,...
EUVD-2008-6597
Malware in sbrugna...
MAL-2025-6920 Malicious code in dagger-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0d58316229ef10836cd767174ee076e5fc92d8e4cf13f52b4b4950853503434a The OpenSSF Package Analysis project identified 'dagger-core' @ 13.8....
Malicious code in dagger-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0d58316229ef10836cd767174ee076e5fc92d8e4cf13f52b4b4950853503434a The OpenSSF Package Analysis project identified 'dagger-core' @ 13.8....
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: fulcio-fips, nri-redis, opentofu-fips, gatekeeper-fips, kubelet-csr-approver-fips, opentelemetry-collector, licenseclassifier, yace, kubernetes-dashboard-metrics-scraper, kubernetes, nri-memcached, sonobuoy-fips, flux-helm-controller-fips, cilium-fips, http-echo,...
GHSA-265R-HFXG-FHMG vulnerabilities
Vulnerabilities for packages: docker-cli-buildx, ctop, kubevela, opa, k8sgpt, buildkitd, chartmuseum, melange, docker-compose, neuvector-scanner, rancher-fleet, envoy-gateway, trivy, newrelic-infrastructure-agent, zot, grype, nerdctl, kargo, k3s, xeol, k8ssandra-client, fuse-overlayfs-snapshotter...
CVE-2024-40635 vulnerabilities
Vulnerabilities for packages: trivy, newrelic-infrastructure-agent, helm-operator-fips, grype, flux-helm-controller-fips, grype-fips, nerdctl, helm-operator, osv-scanner, kots, k8ssandra-client, trivy-fips, docker-compose-fips, k8sgpt, opa, fuse-overlayfs-snapshotter, envoy-gateway-fips,...
GHSA-265R-HFXG-FHMG vulnerabilities
Vulnerabilities for packages: trivy, newrelic-infrastructure-agent, helm-operator-fips, grype, flux-helm-controller-fips, grype-fips, nerdctl, helm-operator, osv-scanner, kots, k8ssandra-client, trivy-fips, docker-compose-fips, k8sgpt, opa, fuse-overlayfs-snapshotter, envoy-gateway-fips,...
GHSA-2HMF-46V7-V6FX vulnerabilities
Vulnerabilities for packages: external-dns-fips, dagger, melange, external-dns, zot, guac...
CVE-2023-49559 vulnerabilities
Vulnerabilities for packages: external-dns-fips, dagger, melange, external-dns, zot, guac...
CVE-2024-32473 vulnerabilities
Vulnerabilities for packages: kaniko, buf, cri-tools, dagger, harbor-scanner-trivy-fips, melange, helm-push, k3d, policy-controller, syft, harbor-scanner-trivy, docker-compose, grype, neuvector-scanner, wolfictl, docker, policy-controller-fips...
CVE-2024-32473 vulnerabilities
Vulnerabilities for packages: docker-compose, kaniko, neuvector-scanner, buf, grype, k3d, policy-controller, wolfictl, cri-tools, syft, harbor-scanner-trivy, docker, helm-push, dagger, melange...
GHSA-X84C-P2G9-RQV9 vulnerabilities
Vulnerabilities for packages: kaniko, buf, cri-tools, dagger, harbor-scanner-trivy-fips, melange, helm-push, k3d, policy-controller, syft, harbor-scanner-trivy, docker-compose, grype, neuvector-scanner, wolfictl, docker, policy-controller-fips...
GHSA-X84C-P2G9-RQV9 vulnerabilities
Vulnerabilities for packages: docker-compose, kaniko, neuvector-scanner, buf, grype, k3d, policy-controller, wolfictl, cri-tools, syft, harbor-scanner-trivy, docker, helm-push, dagger, melange...