GHSA-33VJ-92QQ-66HC vulnerabilities

Vulnerabilities for packages: zot, buildkitd, docker-cli-buildx-fips, wolfictl, kaniko-fips, neuvector-scanner, cloudbeat-fips, manifest-tool, trivy-operator-fips, docker, neuvector, packer-fips, grype, kubescape-server, syft, trivy, docker-compose-fips, kaniko, grype-db, neuvector-fips,...

CVE-2026-50195 vulnerabilities

Vulnerabilities for packages: zot, buildkitd, docker-cli-buildx-fips, wolfictl, kaniko-fips, neuvector-scanner, cloudbeat-fips, manifest-tool, trivy-operator-fips, docker, neuvector, packer-fips, grype, kubescape-server, syft, trivy, docker-compose-fips, kaniko, grype-db, neuvector-fips,...

kas-dagger-utils (=1.0.0) potentially affected by CVE-2026-47192 via kas (=4.8.2)

kas PYPI version =4.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on kas and may be impacted: - kas-dagger-utils =1.0.0 Source cves: CVE-2026-47192 Source advisory: OSV:GHSA-4VQC-WPWG-VH7J...

kas-dagger-utils (=1.0.0) potentially affected by CVE-2026-47191 via kas (=4.8.2)

kas PYPI version =4.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on kas and may be impacted: - kas-dagger-utils =1.0.0 Source cves: CVE-2026-47191 Source advisory: OSV:GHSA-QJWP-HRQ6-R26R...

CVE-2026-32285 vulnerabilities

Vulnerabilities for packages: gitlab-runner, nfpm, opentelemetry-collector-contrib, cri-tools, opentelemetry-collector, prometheus, tempo, redpanda, kubevela, malcontent, grafana-alloy, terragrunt, mcp-grafana, teleport, weaviate, maru, dgraph, rclone, lazygit, vcluster, loki, dagger, eksctl,...

GHSA-6G7G-W4F8-9C9X vulnerabilities

Vulnerabilities for packages: gitlab-runner, nfpm, opentelemetry-collector-contrib, cri-tools, opentelemetry-collector, prometheus, tempo, redpanda, kubevela, malcontent, grafana-alloy, terragrunt, mcp-grafana, teleport, weaviate, maru, dgraph, rclone, lazygit, vcluster, loki, dagger, eksctl,...

GHSA-6G7G-W4F8-9C9X vulnerabilities

Vulnerabilities for packages: commercial-grafana, opentelemetry-collector-contrib-fips, datadog-agent, dgraph, weaviate, grafana-beyla, ollama, deck-fips, chainloop-control-plane-fips, rclone, loki-fips, k3s, gitlab-runner-fips, teleport, elastic-agent, cg, grafana-alloy-fips, mcp-grafana-fips,...

EUVD-2008-6597

Malware in sbrugna...

Malicious code in dagger-core (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0d58316229ef10836cd767174ee076e5fc92d8e4cf13f52b4b4950853503434a The OpenSSF Package Analysis project identified 'dagger-core' @ 13.8....

MAL-2025-6920 Malicious code in dagger-core (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0d58316229ef10836cd767174ee076e5fc92d8e4cf13f52b4b4950853503434a The OpenSSF Package Analysis project identified 'dagger-core' @ 13.8....

GHSA-J5PM-7495-QMR3 vulnerabilities

Vulnerabilities for packages: supercronic, direnv, databricks-cli-fips, kubescape-operator-fips, cerbos-fips, jitsucom-bulker, rancher-agent, eck-operator, apko-fips, argo-cd-fips, eksctl, ini-file, qemu-guesthelper, tigera-operator-fips, polaris-fips, cluster-api-ipam-provider-in-cluster,...

GHSA-265R-HFXG-FHMG vulnerabilities

Vulnerabilities for packages: kaniko, trivy, envoy-gateway, ctop, newrelic-infrastructure-agent, opa-envoy, cluster-api-helm-controller, grype, rancher-fleet, xeol, docker-cli-buildx, neuvector-scanner, kubevela, kargo, nerdctl, helm-operator, linkerd2, osv-scanner, syft, docker-compose, zot, kot...

CVE-2024-40635 vulnerabilities

Vulnerabilities for packages: opa, helm-fips, docker-cli-buildx-fips, k8ssandra-client, kaniko-fips, neuvector-scanner, rancher-agent, cloudbeat-fips, newrelic-infrastructure-agent, flux-helm-controller-fips, eksctl, helm, trivy, docker-compose-fips, xeol, neuvector-fips,...

GHSA-265R-HFXG-FHMG vulnerabilities

Vulnerabilities for packages: opa, helm-fips, docker-cli-buildx-fips, k8ssandra-client, kaniko-fips, neuvector-scanner, rancher-agent, cloudbeat-fips, newrelic-infrastructure-agent, flux-helm-controller-fips, eksctl, helm, trivy, docker-compose-fips, xeol, neuvector-fips,...

GHSA-2HMF-46V7-V6FX vulnerabilities

Vulnerabilities for packages: melange, zot, external-dns-fips, external-dns, guac, dagger...

CVE-2023-49559 vulnerabilities

Vulnerabilities for packages: melange, zot, external-dns-fips, external-dns, guac, dagger...

CVE-2024-32473 vulnerabilities

Vulnerabilities for packages: docker, harbor-scanner-trivy, cri-tools, docker-compose, harbor-scanner-trivy-fips, melange, wolfictl, neuvector-scanner, policy-controller-fips, helm-push, buf, policy-controller, grype, syft, k3d, kaniko, dagger...

CVE-2024-32473 vulnerabilities

Vulnerabilities for packages: kaniko, buf, cri-tools, dagger, melange, helm-push, k3d, policy-controller, syft, harbor-scanner-trivy, docker-compose, grype, neuvector-scanner, wolfictl, docker...

GHSA-X84C-P2G9-RQV9 vulnerabilities

Vulnerabilities for packages: docker, harbor-scanner-trivy, cri-tools, docker-compose, harbor-scanner-trivy-fips, melange, wolfictl, neuvector-scanner, policy-controller-fips, helm-push, buf, policy-controller, grype, syft, k3d, kaniko, dagger...

GHSA-X84C-P2G9-RQV9 vulnerabilities

Vulnerabilities for packages: kaniko, buf, cri-tools, dagger, melange, helm-push, k3d, policy-controller, syft, harbor-scanner-trivy, docker-compose, grype, neuvector-scanner, wolfictl, docker...