36 matches found
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: flux-operator, trivy-operator, istio, gomplate, eksctl, crossplane-provider-aws-elasticache, chisel, apko, step, nfpm, kubernetes, flux-kustomize-controller, nuclei, grype, crossplane-provider-aws-sns, docker-compose, gitea, cloud-provider-aws, falcoctl,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: flux-operator, trivy-operator, istio, gomplate, docker-machine-driver-harvester, eksctl, chisel, apko, step, nfpm, kubernetes, flux-kustomize-controller, nuclei, grype, gitea, cloud-provider-aws, falcoctl, kubernetes-dashboard, skaffold, cert-manager,...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: flux-operator, trivy-operator, istio, gomplate, eksctl, crossplane-provider-aws-elasticache, chisel, apko, step, nfpm, kubernetes, flux-kustomize-controller, nuclei, grype, crossplane-provider-aws-sns, docker-compose, gitea, cloud-provider-aws, falcoctl,...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: hubble, flux-operator, sftpgo-plugin-eventsearch, osv-scanner, smarter-device-manager, gh, nodetaint, kubewatch, dataplaneapi, goreleaser, omnibump, flux, nfs-subdir-external-provisioner, oras, mariadb-operator, envoy-ratelimit, grafana-operator, temporal,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: kyverno-policy-reporter-kyverno-plugin, trivy-operator, istio, terraform, mc, grafana-agent-operator, dataplaneapi, docker-machine-driver-harvester, kubernetes-csi-external-resizer, eksctl, trillian, tailscale, apko, prometheus-adapter, tofu-controller, step,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: kyverno-policy-reporter-kyverno-plugin, trivy-operator, istio, terraform, mc, grafana-agent-operator, dataplaneapi, docker-machine-driver-harvester, kubernetes-csi-external-resizer, eksctl, trillian, tailscale, apko, prometheus-adapter, tofu-controller, step,...
CVE-2026-33252 vulnerabilities
Vulnerabilities for packages: flux-operator, datadog-agent, opencost, osv-scanner, glab, jaeger, ferretdb...
GHSA-Q382-VC8Q-7JHJ vulnerabilities
Vulnerabilities for packages: flux-operator, datadog-agent, opencost, osv-scanner, glab, jaeger, ferretdb...
GHSA-89XV-2J6F-QHC8 vulnerabilities
Vulnerabilities for packages: flux-operator, datadog-agent, opencost, osv-scanner, glab, jaeger, ferretdb...
CVE-2026-33252 vulnerabilities
Vulnerabilities for packages: datadog-agent, glab, flux-operator, opencost, jaeger, ferretdb, osv-scanner, flux-operator-fips, jaeger-fips, livekit-cli, datadog-agent-fips, opencost-fips, gitlab-workhorse-ce, gitlab-workhorse-ce-fips...
GHSA-89XV-2J6F-QHC8 vulnerabilities
Vulnerabilities for packages: datadog-agent, glab, flux-operator, opencost, jaeger, ferretdb, osv-scanner, flux-operator-fips, jaeger-fips, livekit-cli, datadog-agent-fips, opencost-fips, gitlab-workhorse-ce, gitlab-workhorse-ce-fips...
GHSA-Q382-VC8Q-7JHJ vulnerabilities
Vulnerabilities for packages: datadog-agent, glab, flux-operator, opencost, jaeger, ferretdb, osv-scanner, flux-operator-fips, jaeger-fips, livekit-cli, datadog-agent-fips, opencost-fips, gitlab-workhorse-ce, gitlab-workhorse-ce-fips...
CVE-2026-27896 vulnerabilities
Vulnerabilities for packages: datadog-agent, flux-operator, gptscript, github-mcp-server, opencost, jaeger, ferretdb, osv-scanner, flux-operator-fips, jaeger-fips, datadog-agent-fips, opencost-fips, gitlab-workhorse-ce, gitlab-workhorse-ce-fips...
GHSA-WVJ2-96WP-FQ3F vulnerabilities
Vulnerabilities for packages: datadog-agent, flux-operator, gptscript, github-mcp-server, opencost, jaeger, ferretdb, osv-scanner, flux-operator-fips, jaeger-fips, datadog-agent-fips, opencost-fips, gitlab-workhorse-ce, gitlab-workhorse-ce-fips...
SUSE CVE-2026-23990
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...
GO-2026-4351 Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims in github.com/controlplaneio-fluxcd/flux-operator
Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims in github.com/controlplaneio-fluxcd/flux-operator...
GHSA-4XH5-JCJ2-CH8Q vulnerabilities
Vulnerabilities for packages: flux-operator...
CVE-2026-23990 vulnerabilities
Vulnerabilities for packages: flux-operator...
CVE-2026-23990 vulnerabilities
Vulnerabilities for packages: flux-operator-fips, flux-operator...
GHSA-4XH5-JCJ2-CH8Q vulnerabilities
Vulnerabilities for packages: flux-operator-fips, flux-operator...