GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: minio-object-browser, k8ssandra-operator, cis-operator, cloudnative-pg, azure-service-operator, nuclei, redpanda, secrets-store-csi-driver-provider-azure, cluster-api-provider-vsphere, mattermost, flux-image-automation-controller, gitness, ingress-nginx-controller,...

EUVD-2026-9077

kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using filepath.Joindest, cleanedName without enforcing that the final path stays within dest. A ta...

GHSA-4F99-4Q7P-P3GH vulnerabilities

Vulnerabilities for packages: php-fpmexporter, src-fingerprint, kubeflow, aws-flb-firehose, sonobuoy, gostatsd, go-discover, newrelic-nri-statsd, aws-flb-kinesis, kube-fluentd-operator, terraform-provider-google, docker-credential-gcr, smokescreen, hello-world-golang, neuvector-dbgen, kpt,...

CVE-2025-65637 vulnerabilities

Vulnerabilities for packages: php-fpmexporter, src-fingerprint, kubeflow, aws-flb-firehose, sonobuoy, gostatsd, go-discover, newrelic-nri-statsd, aws-flb-kinesis, kube-fluentd-operator, terraform-provider-google, docker-credential-gcr, smokescreen, hello-world-golang, neuvector-dbgen, kpt,...

GHSA-7C64-F9JR-V9H2 vulnerabilities

Vulnerabilities for packages: k8ssandra-operator, octo-sts, gostatsd, mongodb-kubernetes-operator, secrets-store-csi-driver-provider-azure, gitness, helm-mapkubeapis, newrelic-prometheus-configurator, aws-privateca-issuer, oauth2-proxy, terraform-provider-time, go-jsonnet, nri-rabbitmq, otel-cli,...

CVE-2025-61729 vulnerabilities

Vulnerabilities for packages: k8ssandra-operator, octo-sts, gostatsd, mongodb-kubernetes-operator, secrets-store-csi-driver-provider-azure, gitness, helm-mapkubeapis, newrelic-prometheus-configurator, aws-privateca-issuer, oauth2-proxy, terraform-provider-time, go-jsonnet, nri-rabbitmq, otel-cli,...

GHSA-FRHW-MQJ2-WXW2 vulnerabilities

Vulnerabilities for packages: octo-sts, gostatsd, mongodb-kubernetes-operator, helm-mapkubeapis, oauth2-proxy, terraform-provider-time, otel-cli, skaffold, cfssl, cosign, custom-pod-autoscaler-operator, conftest, kubelet-csr-approver, cluster-api, pulumi-language-yaml, gatekeeper, protoc-gen-go,...

GHSA-CXQ7-XW9V-RCV3 vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, go-md2man, kubeflow, minio-object-browser, octo-sts, nri-prometheus, redpanda, gostatsd, cert-exporter, mongodb-kubernetes-operator, helm-docs, stern, wireguard-go, custom-pod-autoscaler, cluster-api-provider-vsphere, mattermost, guac,...

GHSA-HJX7-FPXX-MJ48 vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, go-md2man, kubeflow, minio-object-browser, octo-sts, nri-prometheus, redpanda, gostatsd, cert-exporter, mongodb-kubernetes-operator, helm-docs, stern, wireguard-go, custom-pod-autoscaler, cluster-api-provider-vsphere, mattermost, guac,...

GHSA-WCW9-47FP-RRFR vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, go-md2man, kubeflow, minio-object-browser, octo-sts, nri-prometheus, redpanda, gostatsd, cert-exporter, mongodb-kubernetes-operator, helm-docs, stern, wireguard-go, custom-pod-autoscaler, cluster-api-provider-vsphere, mattermost, guac,...

CVE-2025-61723 vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, go-md2man, kubeflow, minio-object-browser, octo-sts, nri-prometheus, redpanda, gostatsd, cert-exporter, mongodb-kubernetes-operator, helm-docs, stern, wireguard-go, custom-pod-autoscaler, cluster-api-provider-vsphere, mattermost, guac,...

CVE-2025-61725 vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, go-md2man, kubeflow, minio-object-browser, octo-sts, nri-prometheus, redpanda, gostatsd, cert-exporter, mongodb-kubernetes-operator, helm-docs, stern, wireguard-go, custom-pod-autoscaler, cluster-api-provider-vsphere, mattermost, guac,...

CVE-2025-47912 vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, go-md2man, kubeflow, minio-object-browser, octo-sts, nri-prometheus, redpanda, gostatsd, cert-exporter, mongodb-kubernetes-operator, helm-docs, stern, wireguard-go, custom-pod-autoscaler, cluster-api-provider-vsphere, mattermost, guac,...

CVE-2025-58186 vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, go-md2man, kubeflow, minio-object-browser, octo-sts, nri-prometheus, redpanda, gostatsd, cert-exporter, mongodb-kubernetes-operator, helm-docs, stern, wireguard-go, custom-pod-autoscaler, cluster-api-provider-vsphere, mattermost, guac,...

GHSA-447V-2QG4-H8HC vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, go-md2man, kubeflow, minio-object-browser, octo-sts, nri-prometheus, redpanda, gostatsd, cert-exporter, mongodb-kubernetes-operator, helm-docs, stern, wireguard-go, custom-pod-autoscaler, cluster-api-provider-vsphere, mattermost, guac,...

CVE-2025-58188 vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, go-md2man, kubeflow, minio-object-browser, octo-sts, nri-prometheus, redpanda, gostatsd, cert-exporter, mongodb-kubernetes-operator, helm-docs, stern, wireguard-go, custom-pod-autoscaler, cluster-api-provider-vsphere, mattermost, guac,...

CVE-2025-58185 vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, go-md2man, kubeflow, minio-object-browser, octo-sts, nri-prometheus, redpanda, gostatsd, cert-exporter, mongodb-kubernetes-operator, helm-docs, stern, wireguard-go, custom-pod-autoscaler, cluster-api-provider-vsphere, mattermost, guac,...

GHSA-9GCR-GP5F-JW27 vulnerabilities

Vulnerabilities for packages: go-md2man, kubeflow, minio-object-browser, octo-sts, nri-prometheus, redpanda, gostatsd, cert-exporter, mongodb-kubernetes-operator, helm-docs, stern, wireguard-go, custom-pod-autoscaler, cluster-api-provider-vsphere, mattermost, guac, kube-bench, helm-mapkubeapis,...

GHSA-RJCG-56PH-3QVG vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, go-md2man, kubeflow, minio-object-browser, octo-sts, nri-prometheus, redpanda, gostatsd, cert-exporter, mongodb-kubernetes-operator, helm-docs, stern, wireguard-go, custom-pod-autoscaler, cluster-api-provider-vsphere, mattermost, guac,...

GHSA-QH38-484V-W52X vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, go-md2man, kubeflow, minio-object-browser, octo-sts, nri-prometheus, redpanda, gostatsd, cert-exporter, mongodb-kubernetes-operator, helm-docs, stern, wireguard-go, custom-pod-autoscaler, cluster-api-provider-vsphere, mattermost, guac,...