36 matches found
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, ksops, gomplate, wolfictl, caddy, fulcio, vault-benchmark, telegraf, cosign, dagger, witness, podman, pulumi-language-java, helm, kots, step-issuer, prometheus, crossplane-provider-azure-authorization, gh,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, crossplane-provider-aws-s3, ksops, crossplane-provider-aws-eks, crossplane-provider-aws-kms, gomplate, src, wolfictl, caddy, crossplane-provider-aws-lambda, crossplane-provider-aws-dynamodb, fulcio, docker-compose,...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, crossplane-provider-aws-s3, ksops, crossplane-provider-aws-eks, crossplane-provider-aws-kms, gomplate, src, wolfictl, caddy, crossplane-provider-aws-lambda, crossplane-provider-aws-dynamodb, fulcio, docker-compose,...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: sftpgo-plugin-eventsearch, spire-server, pluto, metacontroller, envoy-ratelimit, aws-privateca-issuer, flux-source-controller, polaris, malcontent, flux-image-automation-controller, dkron, flux-helm-controller, apko, temporal, external-secrets-operator, smokescreen,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, grpcurl, kube-vip, lazydocker, modelmesh-runtime-adapter, sftpgo-plugin-geoipfilter, pulumi-language-yaml, snyk-cli, rancher-fleet, sriov-network-device-plugin, xeol, certificate-transparency, k8ssandra-operator, caddy,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, grpcurl, kube-vip, lazydocker, modelmesh-runtime-adapter, sftpgo-plugin-geoipfilter, pulumi-language-yaml, snyk-cli, rancher-fleet, sriov-network-device-plugin, xeol, certificate-transparency, k8ssandra-operator, caddy,...
CVE-2026-33252 vulnerabilities
Vulnerabilities for packages: jaeger, ferretdb, flux-operator, datadog-agent, glab, osv-scanner, opencost...
GHSA-89XV-2J6F-QHC8 vulnerabilities
Vulnerabilities for packages: jaeger, ferretdb, flux-operator, datadog-agent, glab, osv-scanner, opencost...
GHSA-Q382-VC8Q-7JHJ vulnerabilities
Vulnerabilities for packages: jaeger, ferretdb, flux-operator, datadog-agent, glab, osv-scanner, opencost...
GHSA-Q382-VC8Q-7JHJ vulnerabilities
Vulnerabilities for packages: gitlab-workhorse-ce-fips, jaeger, opencost, livekit-cli, glab, opencost-fips, datadog-agent-fips, jaeger-fips, osv-scanner, gitlab-workhorse-ce, ferretdb, datadog-agent, flux-operator, flux-operator-fips...
CVE-2026-33252 vulnerabilities
Vulnerabilities for packages: gitlab-workhorse-ce-fips, jaeger, opencost, livekit-cli, glab, opencost-fips, datadog-agent-fips, jaeger-fips, osv-scanner, gitlab-workhorse-ce, ferretdb, datadog-agent, flux-operator, flux-operator-fips...
GHSA-89XV-2J6F-QHC8 vulnerabilities
Vulnerabilities for packages: gitlab-workhorse-ce-fips, jaeger, opencost, livekit-cli, glab, opencost-fips, datadog-agent-fips, jaeger-fips, osv-scanner, gitlab-workhorse-ce, ferretdb, datadog-agent, flux-operator, flux-operator-fips...
GHSA-WVJ2-96WP-FQ3F vulnerabilities
Vulnerabilities for packages: github-mcp-server, gitlab-workhorse-ce-fips, jaeger, opencost, opencost-fips, datadog-agent-fips, jaeger-fips, osv-scanner, gitlab-workhorse-ce, ferretdb, datadog-agent, flux-operator, flux-operator-fips, gptscript...
CVE-2026-27896 vulnerabilities
Vulnerabilities for packages: github-mcp-server, gitlab-workhorse-ce-fips, jaeger, opencost, opencost-fips, datadog-agent-fips, jaeger-fips, osv-scanner, gitlab-workhorse-ce, ferretdb, datadog-agent, flux-operator, flux-operator-fips, gptscript...
SUSE CVE-2026-23990
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...
GO-2026-4351 Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims in github.com/controlplaneio-fluxcd/flux-operator
Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims in github.com/controlplaneio-fluxcd/flux-operator...
CVE-2026-23990 vulnerabilities
Vulnerabilities for packages: flux-operator...
GHSA-4XH5-JCJ2-CH8Q vulnerabilities
Vulnerabilities for packages: flux-operator...
GHSA-4XH5-JCJ2-CH8Q vulnerabilities
Vulnerabilities for packages: flux-operator, flux-operator-fips...
CVE-2026-23990 vulnerabilities
Vulnerabilities for packages: flux-operator, flux-operator-fips...