14 matches found
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: go, flux-notification-controller, dbmate, smarter-device-manager, oras, dgraph, stakater-reloader, actions-runner-controller, tailscale, gh, ingress-nginx-controller, grafana-operator, dkron, osv-scanner, goreleaser, envoy-ratelimit, pluto, aws-network-policy-agent,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: newrelic-fluent-bit-output, kserve-modelmesh-serving, actions-runner-controller, etcd, descheduler, kubernetes-dashboard, minio-operator, nri-rabbitmq, docker-credential-ecr-login, knative-serving, terraform-docs, flux-operator, git-credential-oauth, cerbos,...
CLEANSTART-2026-YL47233 Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 0.0.0_git20251231-r0, 0.0.0_git20251231-r1
Multiple security vulnerabilities affect the envoy-ratelimit package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: aws-node-termination-handler-fips, dkron, oauth2-proxy, vault-csi-provider-fips, docker-cli-buildx-fips, crossplane-provider-gcp, nginx-prometheus-exporter-fips, amazon-cloudwatch-agent-operator, aws-fsx-csi-driver-fips, wal-g, crossplane-provider-aws-efs-fips,...
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: controller-gen, gke-gcloud-auth-plugin, mockery, newrelic-fluent-bit-output, nri-memcached, prometheus-alertmanager, protoc-gen-go-grpc, actions-runner-controller, eksctl, tailscale, grype, bom, kubernetes-dashboard, pulumi, nri-rabbitmq, amass,...
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: controller-gen, gke-gcloud-auth-plugin, mockery, newrelic-fluent-bit-output, nri-memcached, prometheus-alertmanager, protoc-gen-go-grpc, actions-runner-controller, eksctl, tailscale, grype, bom, kubernetes-dashboard, pulumi, nri-rabbitmq, amass,...
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: tkn, prometheus-alertmanager, crossplane-provider-aws, protoc-gen-go-grpc, pgpool2exporter, actions-runner-controller, eksctl, kaniko, grype, kubernetes-dashboard, weaviate, pulumi, falcoctl, amass, secrets-store-csi-driver, crossplane-provider-azure,...
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: oauth2-proxy, crossplane-provider-gcp, policy-controller, datadog-agent-fips, caddy-fips, k9s, kuberay-operator, falcoctl-fips, prometheus-beat-exporter-fips, step-ca, k3d, minio, node-problem-detector, kube-state-metrics, secrets-store-csi-driver-provider-azure,...
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: controller-gen, gke-gcloud-auth-plugin, mockery, newrelic-fluent-bit-output, nri-memcached, prometheus-alertmanager, protoc-gen-go-grpc, actions-runner-controller, eksctl, tailscale, grype, bom, kubernetes-dashboard, pulumi, nri-rabbitmq, amass,...
CVE-2023-47108 vulnerabilities
Vulnerabilities for packages: envoy-ratelimit, kubevela, volume-modifier-for-k8s, kubescape, cri-tools, temporal-server, buildkitd, k3s, temporal, docker-compose, kubernetes, kine, kubernetes-csi-external-resizer, metrics-server...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: kubevela, src, terraform-provider-sendgrid, cortex, k3d, slsa-verifier, dgraph, kubescape, kubeflow, up, aactl, prometheus-blackbox-exporter, buildkitd, scorecard, falco, spark-operator...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: terraform-provider-sendgrid, kubernetes-csi-livenessprobe, kubernetes-csi-livenessprobe-fips, dynamic-localpv-provisioner-fips, smarter-device-manager-fips, kubeflow-fips, prometheus-adapter-fips, timestamp-authority-fips, slsa-verifier, aws-efs-csi-driver-fips,...
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: gke-gcloud-auth-plugin, grype, bom, weaviate, pulumi, amass, secrets-store-csi-driver, newrelic-infrastructure-agent, flux-source-controller, gobuster, spark-operator, coredns, ip-masq-agent, src, cortex, rqlite, haproxy-ingress, skaffold, terraform-provider-azurerm,...
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: gke-gcloud-auth-plugin, grype, bom, weaviate, pulumi, amass, secrets-store-csi-driver, newrelic-infrastructure-agent, flux-source-controller, gobuster, spark-operator, coredns, ip-masq-agent, src, cortex, rqlite, haproxy-ingress, skaffold, terraform-provider-azurerm,...