10 matches found
PT-2026-56073
Name of the Vulnerable Software and Affected Versions Coder versions prior to 2.34.2 Coder versions prior to 2.33.8 Coder versions prior to 2.32.7 Coder versions prior to 2.29.17 Description An issue exists where the UpsertWorkspaceApp function overwrites an existing application's agent id during...
CLEANSTART-2026-WS85269 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27139, CVE-2026-27142, CVE-2026-32281, CVE-2026-32283, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-39883, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42506, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 6.1.0-r0, 6.1.0-r1, 6.1.0-r2, 6.1.0-r3, 6.1.0-r4
Multiple security vulnerabilities affect the kubernetes-csi-external-provisioner-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: polaris, aws-load-balancer-controller, clickhouse-operator, goreleaser, grafana-operator, flux-source-controller, metacontroller, oras, apko, victoriametrics-cluster, volume-modifier-for-k8s, mountpoint-s3-csi-driver, envoy-ratelimit, newrelic-k8s-metadata-injection,...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: prometheus-podman-exporter, kubevela, kyverno-policy-reporter, licenseclassifier, falcosidekick, longhorn-instance-manager, knative-serving, gitlab-cng, authservice, pdfcpu, gobump, rancher-telemetry, cluster-proportional-autoscaler, grpcurl, fixuid,...
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-ec2, nerdctl, weaviate, src, aws-load-balancer-controller, nri-kubernetes, rook, aws-flb-kinesis, runc, trust-manager, kubescape, kubernetes-dashboard-metrics-scraper, scorecard, crossplane, nri-discovery-kubernetes,...
GHSA-F4W6-3RH6-6Q4Q vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-provisioner...
GHSA-F4W6-3RH6-6Q4Q Kubernetes CSI Sidecar Containers Can Allow Unauthorized Data Access
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...
GHSA-F4W6-3RH6-6Q4Q vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-provisioner...
kubernetes-csi: CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...
kubernetes-csi: CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...