59 matches found
CVE-2024-0133 vulnerabilities
Vulnerabilities for packages: nvidia-gpu-operator-validator, nvidia-container-toolkit...
CVE-2024-0132 vulnerabilities
Vulnerabilities for packages: nvidia-gpu-operator-validator, nvidia-container-toolkit...
CVE-2022-41717 affecting package sriov-network-device-plugin for versions less than 3.7.0-1
CVE-2022-41717 affecting package sriov-network-device-plugin for versions less than 3.7.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-32149 affecting package sriov-network-device-plugin for versions less than 3.7.0-1
CVE-2022-32149 affecting package sriov-network-device-plugin for versions less than 3.7.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-1996 affecting package sriov-network-device-plugin for versions less than 3.7.0-1
CVE-2022-1996 affecting package sriov-network-device-plugin for versions less than 3.7.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-29526 affecting package sriov-network-device-plugin for versions less than 3.7.0-1
CVE-2022-29526 affecting package sriov-network-device-plugin for versions less than 3.7.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-45288 affecting package sriov-network-device-plugin for versions less than 3.6.2-3
CVE-2023-45288 affecting package sriov-network-device-plugin for versions less than 3.6.2-3. A patched version of the package is available...
CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2
CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2. A patched version of the package is available...
CVE-2022-41717 affecting package sriov-network-device-plugin for versions less than 3.6.2-2
CVE-2022-41717 affecting package sriov-network-device-plugin for versions less than 3.6.2-2. An upgraded version of the package is available that resolves this issue...
CVE-2022-29526 affecting package sriov-network-device-plugin for versions less than 3.6.2-2
CVE-2022-29526 affecting package sriov-network-device-plugin for versions less than 3.6.2-2. An upgraded version of the package is available that resolves this issue...
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: runc, syft, skaffold, k3s, docker, kubernetes-fips, cadvisor, datadog-agent, buildkitd, skopeo, kaniko, ctop, nerdctl, newrelic-infrastructure-agent, grype, trivy, wolfictl, zot, kubernetes, datadog-agent-fips, zarf, kots, kubescape, k9s, podman, k3d...
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: zot, k3s, kubernetes, nerdctl, k3d, runc, cadvisor, buildkitd, datadog-agent, syft, ctop, wolfictl, k9s, kubescape, newrelic-infrastructure-agent, kaniko, grype, kots, skaffold, skopeo, zarf, podman, trivy, docker...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: prometheus-blackbox-exporter, aactl, falco, dgraph, slsa-verifier, spark-operator, up, kubeflow, k3d, src, scorecard, terraform-provider-sendgrid, buildkitd, cortex, kubevela, kubescape...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: cortex, dgraph, src, kube-oidc-proxy, kubernetes-csi-livenessprobe, smarter-device-manager-fips, cluster-autoscaler-fips, prometheus-blackbox-exporter, kubeflow, bank-vaults-fips, terraform-provider-sendgrid-fips, vault-csi-provider, aactl, kiam, scorecard, falco,...
CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2
CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2. A patched version of the package is available...
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: coredns, nri-prometheus, atlantis, k3d, node-problem-detector, kubewatch, flux-helm-controller, prometheus-blackbox-exporter, nodetaint, pulumi-language-java, kubeflow-katib, skaffold, src, pulumi-language-yaml, git-lfs, terraform-provider-aws, memcached-exporter, ko...
AZL-35284 CVE-2022-41717 affecting package sriov-network-device-plugin for versions less than 3.7.0-1
An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate...
AZL-33643 CVE-2022-32149 affecting package sriov-network-device-plugin for versions less than 3.6.2-2
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
AZL-35283 CVE-2022-29526 affecting package sriov-network-device-plugin for versions less than 3.7.0-1
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...