18 matches found
CLEANSTART-2026-VO11205 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27139, CVE-2026-27140, CVE-2026-27142, CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32283, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42506, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-9h8m-3fm2-qjrq, ghsa-f6x5-jh6r-wrfv, ghsa-hfvc-g4fc-pqhx, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.4.0-r1, 8.4.0-r2, 8.4.0-r3, 8.4.0-r4
Multiple security vulnerabilities affect the kubernetes-csi-external-snapshotter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-RQ86436 Security fixes for CVE-2026-25679, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27139, CVE-2026-27140, CVE-2026-27142, CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42506, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-f6x5-jh6r-wrfv, ghsa-hfvc-g4fc-pqhx, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.5.0-r0, 8.5.0-r1, 8.5.0-r2, 8.5.0-r3
Multiple security vulnerabilities affect the kubernetes-csi-external-snapshotter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: argo-events, newrelic-fluent-bit-output, sftpgo, trillian, trivy-operator, rabbitmq-messaging-topology-operator, cloud-provider-aws, emissary, helm, mattermost, cue, docker-credential-gcr, newrelic-infrastructure-agent, secrets-store-csi-driver-provider-azure, spegel...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: cloud-provider-aws-fips, azure-container-networking, dex-k8s-authenticator, kubeflow-fips, mc-fips, argo-events, terraform-provider-databricks, rabbitmq-default-user-credential-updater-fips, fleet-server, hubble-ui, dkron, k8s-metacollector,...
CLEANSTART-2026-WM95952 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.5.0-r0, 8.5.0-r1
Multiple security vulnerabilities affect the kubernetes-csi-external-snapshotter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-J3GX-2473-5FP8 vulnerabilities
Vulnerabilities for packages: newrelic-fluent-bit-output, ksops, rabbitmq-messaging-topology-operator, helm, mattermost, postgres-operator, neuvector-dbgen, src-fingerprint, kafka-proxy, step-issuer, go, swagger, opentelemetry-collector-contrib, aws-otel-collector, terraform-provider-sendgrid,...
CVE-2026-25679 vulnerabilities
Vulnerabilities for packages: newrelic-fluent-bit-output, ksops, rabbitmq-messaging-topology-operator, helm, mattermost, postgres-operator, neuvector-dbgen, src-fingerprint, kafka-proxy, step-issuer, go, swagger, opentelemetry-collector-contrib, aws-otel-collector, terraform-provider-sendgrid,...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: azure-container-networking, dex-k8s-authenticator, mc-fips, argo-events, terraform-provider-databricks, fleet-server, caddy-fips, dkron, k8s-metacollector, prometheus-elasticsearch-exporter, kyverno-policy-reporter, spegel, backup-restore-operator, temporal-server,...
CLEANSTART-2026-XK29348 Security fixes for GHSA-F6X5-JH6R-WRFV, GHSA-J5W8-Q4QC-RX2X applied in versions: 8.4.0-r0
Multiple security vulnerabilities affect the kubernetes-csi-external-snapshotter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: cloud-provider-aws-fips, hello-world-golang, caddy-fips, prometheus-elasticsearch-exporter, splunk-otel-collector, gofumpt, buildkitd, configmap-reload, kyverno-policy-reporter, eksctl, spegel, trivy-fips, secrets-store-csi-driver-provider-azure, net-kourier-fips,...
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: dex-k8s-authenticator, mc-fips, hubble-ui, hello-world-golang, caddy-fips, prometheus-elasticsearch-exporter, buildkitd, configmap-reload, tailscale, kyverno-policy-reporter, spegel, nats, trivy-fips, prometheus-nats-exporter, secrets-store-csi-driver-provider-azure,...
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: kubeflow-fips, mc-fips, hubble-ui, caddy-fips, prometheus-elasticsearch-exporter, buildkitd, configmap-reload, kyverno-policy-reporter, eksctl, nats, temporal-server, prometheus-nats-exporter, secrets-store-csi-driver-provider-azure, newrelic-infrastructure-agent,...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: metrics-server-fips, dynamic-localpv-provisioner-fips, kubeflow-fips, cluster-autoscaler-fips, kiam, kubernetes-csi-livenessprobe, prometheus-blackbox-exporter, kubeflow, terraform-provider-sendgrid, spark-operator, buildkitd, kubernetes-csi-livenessprobe-fips,...
GHSA-F4W6-3RH6-6Q4Q Kubernetes CSI Sidecar Containers Can Allow Unauthorized Data Access
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...
GHSA-HP87-P4GW-J4GQ vulnerabilities
Vulnerabilities for packages: dynamic-localpv-provisioner-fips, thanos-operator, dynamic-localpv-provisioner, thanos-operator-fips...
CVE-2022-28948 vulnerabilities
Vulnerabilities for packages: dynamic-localpv-provisioner-fips, thanos-operator, dynamic-localpv-provisioner, thanos-operator-fips...
kubernetes-csi: CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...
kubernetes-csi: CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...