49 matches found
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: rancher-agent, crossplane-provider-azure-managedidentity, teleport, kubernetes, flux-kustomize-controller, steampipe, gomplate, k3s, osv-scanner, prometheus, eksctl, vitess, external-secrets-operator, step-kms-plugin, tekton-chains, syft, cluster-api-azure-controller...
GHSA-F5WC-C3C7-36MC vulnerabilities
Vulnerabilities for packages: rancher-agent, teleport, kubernetes, gomplate, k3s, osv-scanner, prometheus, vitess, external-secrets-operator, step-kms-plugin, syft, telegraf, containerd, cert-manager, trivy, pulumi-language-dotnet, pulumi-language-java, trivy-operator, nerdctl, apko,...
CVE-2026-50195 vulnerabilities
Vulnerabilities for packages: chainctl-fips, newrelic-infrastructure-agent-fips, kube-arangodb-fips, chartmuseum-fips, trivy-fips, eksctl, spegel-fips, linkerd2, neuvector-scanner, xeol-fips, kots, trivy, wolfictl, datadog-agent, steampipe, syft-fips, buildkitd, containerd, rancher,...
GHSA-33VJ-92QQ-66HC vulnerabilities
Vulnerabilities for packages: chainctl-fips, newrelic-infrastructure-agent-fips, kube-arangodb-fips, chartmuseum-fips, trivy-fips, eksctl, spegel-fips, linkerd2, neuvector-scanner, xeol-fips, kots, trivy, wolfictl, datadog-agent, steampipe, syft-fips, buildkitd, containerd, rancher,...
kas-dagger-utils (=1.0.0) potentially affected by CVE-2026-47192 via kas (=4.8.2)
kas PYPI version =4.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on kas and may be impacted: - kas-dagger-utils =1.0.0 Source cves: CVE-2026-47192 Source advisory: OSV:GHSA-4VQC-WPWG-VH7J...
kas-dagger-utils (=1.0.0) potentially affected by CVE-2026-47191 via kas (=4.8.2)
kas PYPI version =4.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on kas and may be impacted: - kas-dagger-utils =1.0.0 Source cves: CVE-2026-47191 Source advisory: OSV:GHSA-QJWP-HRQ6-R26R...
CVE-2026-32285 vulnerabilities
Vulnerabilities for packages: redpanda, loki, rclone, vcluster, tempo, mcp-grafana, teleport, grafana, dagger, k3s, k8sgpt, prometheus, opentelemetry-collector-contrib, eksctl, lazygit, weaviate, dgraph, gitlab-runner, nfpm, ollama, terragrunt, grafana-alloy, malcontent, datadog-agent, nuclei,...
GHSA-6G7G-W4F8-9C9X vulnerabilities
Vulnerabilities for packages: redpanda, loki, rclone, vcluster, tempo, mcp-grafana, teleport, grafana, dagger, k3s, k8sgpt, prometheus, opentelemetry-collector-contrib, eksctl, lazygit, weaviate, dgraph, gitlab-runner, nfpm, ollama, terragrunt, grafana-alloy, malcontent, datadog-agent, nuclei,...
GHSA-6G7G-W4F8-9C9X vulnerabilities
Vulnerabilities for packages: redpanda, grafana-alloy-fips, prometheus, loki, opentelemetry-collector, k8sgpt, datadog-agent-fips, rclone, opentelemetry-collector-contrib, terragrunt-fips, chainloop-cli-fips, deck, cri-tools, eksctl, witness, jfrog-cli, k3s, grafana-alloy, nuclei, chainloop-cli,...
EUVD-2008-6597
Malware in sbrugna...
Malicious code in dagger-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0d58316229ef10836cd767174ee076e5fc92d8e4cf13f52b4b4950853503434a The OpenSSF Package Analysis project identified 'dagger-core' @ 13.8....
MAL-2025-6920 Malicious code in dagger-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0d58316229ef10836cd767174ee076e5fc92d8e4cf13f52b4b4950853503434a The OpenSSF Package Analysis project identified 'dagger-core' @ 13.8....
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: hugo-extended, cert-manager, gomplate, prometheus-mysqld-exporter, apache-exporter, bom, volume-modifier-for-k8s, aws-signer-notation-plugin, yunikorn-k8shim, sigstore-scaffolding, k6, supercronic, dbmate, kubo-fips, grafana-pyroscope, trivy, descheduler-fips,...
GHSA-265R-HFXG-FHMG vulnerabilities
Vulnerabilities for packages: docker-compose, kubescape, zarf, kargo, helm-push, helm-operator, dagger, k3s, zot, docker-cli-buildx, docker, xeol, k8sgpt, cluster-api-helm-controller, osv-scanner, opa-envoy, grype, melange, eksctl, wolfictl, rancher-fleet, chartmuseum, opa, ctop, datadog-agent,...
GHSA-265R-HFXG-FHMG vulnerabilities
Vulnerabilities for packages: flux-source-controller, cert-manager, trivy-fips, eksctl, linkerd2, neuvector-scanner, xeol-fips, nerdctl, kots, trivy, wolfictl, datadog-agent, flux-helm-controller-fips, melange, buildkitd, syft-fips, rancher, docker-cli-buildx, zarf, opa, rancher-fleet-fips,...
CVE-2024-40635 vulnerabilities
Vulnerabilities for packages: flux-source-controller, cert-manager, trivy-fips, eksctl, linkerd2, neuvector-scanner, xeol-fips, nerdctl, kots, trivy, wolfictl, datadog-agent, flux-helm-controller-fips, melange, buildkitd, syft-fips, rancher, docker-cli-buildx, zarf, opa, rancher-fleet-fips,...
GHSA-2HMF-46V7-V6FX vulnerabilities
Vulnerabilities for packages: melange, external-dns, dagger, guac, external-dns-fips, zot...
CVE-2023-49559 vulnerabilities
Vulnerabilities for packages: melange, external-dns, dagger, guac, external-dns-fips, zot...
CVE-2024-32473 vulnerabilities
Vulnerabilities for packages: kaniko, harbor-scanner-trivy, policy-controller, docker, syft, melange, policy-controller-fips, buf, neuvector-scanner, harbor-scanner-trivy-fips, grype, dagger, wolfictl, docker-compose, cri-tools, helm-push, k3d...
CVE-2024-32473 vulnerabilities
Vulnerabilities for packages: docker-compose, cri-tools, docker, syft, kaniko, grype, melange, wolfictl, neuvector-scanner, policy-controller, buf, k3d, dagger, helm-push, harbor-scanner-trivy...