33 matches found
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: grafana-operator, victoriametrics-cluster, ingress-nginx-controller, oras, aws-privateca-issuer, aws-load-balancer-controller, goreleaser, aws-network-policy-agent, omnibump, envoy-ratelimit, temporal, newrelic-infra-operator, dkron, flux-image-reflector-controller,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: mc, kine, net-kourier, sftpgo-plugin-eventstore, memcached-exporter, vexctl, etcd, terraform-provider-azapi, temporal, trillian, cloud-provider-azure, envoy-ratelimit, terraform, gitaly, crossplane-provider-keycloak, zot, redka, kubernetes-dashboard, step-issuer,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: mc, kine, net-kourier, sftpgo-plugin-eventstore, memcached-exporter, vexctl, etcd, terraform-provider-azapi, temporal, trillian, cloud-provider-azure, envoy-ratelimit, terraform, gitaly, crossplane-provider-keycloak, zot, redka, kubernetes-dashboard, step-issuer,...
GHSA-Q382-VC8Q-7JHJ vulnerabilities
Vulnerabilities for packages: osv-scanner, glab, ferretdb, datadog-agent, flux-operator, jaeger, opencost...
GHSA-89XV-2J6F-QHC8 vulnerabilities
Vulnerabilities for packages: osv-scanner, glab, ferretdb, datadog-agent, flux-operator, jaeger, opencost...
CVE-2026-33252 vulnerabilities
Vulnerabilities for packages: osv-scanner, glab, ferretdb, datadog-agent, flux-operator, jaeger, opencost...
GHSA-Q382-VC8Q-7JHJ vulnerabilities
Vulnerabilities for packages: ferretdb, jaeger-fips, livekit-cli, gitlab-workhorse-ce, osv-scanner, jaeger, opencost-fips, glab, opencost, flux-operator-fips, gitlab-workhorse-ce-fips, datadog-agent-fips, flux-operator, datadog-agent...
GHSA-89XV-2J6F-QHC8 vulnerabilities
Vulnerabilities for packages: ferretdb, jaeger-fips, livekit-cli, gitlab-workhorse-ce, osv-scanner, jaeger, opencost-fips, glab, opencost, flux-operator-fips, gitlab-workhorse-ce-fips, datadog-agent-fips, flux-operator, datadog-agent...
CVE-2026-33252 vulnerabilities
Vulnerabilities for packages: ferretdb, jaeger-fips, livekit-cli, gitlab-workhorse-ce, osv-scanner, jaeger, opencost-fips, glab, opencost, flux-operator-fips, gitlab-workhorse-ce-fips, datadog-agent-fips, flux-operator, datadog-agent...
CVE-2026-27896 vulnerabilities
Vulnerabilities for packages: github-mcp-server, ferretdb, jaeger-fips, osv-scanner, gitlab-workhorse-ce, jaeger, opencost-fips, gptscript, opencost, flux-operator-fips, gitlab-workhorse-ce-fips, datadog-agent-fips, flux-operator, datadog-agent...
GHSA-WVJ2-96WP-FQ3F vulnerabilities
Vulnerabilities for packages: github-mcp-server, ferretdb, jaeger-fips, osv-scanner, gitlab-workhorse-ce, jaeger, opencost-fips, gptscript, opencost, flux-operator-fips, gitlab-workhorse-ce-fips, datadog-agent-fips, flux-operator, datadog-agent...
SUSE CVE-2026-23990
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...
GO-2026-4351 Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims in github.com/controlplaneio-fluxcd/flux-operator
Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims in github.com/controlplaneio-fluxcd/flux-operator...
GHSA-4XH5-JCJ2-CH8Q vulnerabilities
Vulnerabilities for packages: flux-operator...
CVE-2026-23990 vulnerabilities
Vulnerabilities for packages: flux-operator...
CVE-2026-23990 vulnerabilities
Vulnerabilities for packages: flux-operator-fips, flux-operator...
GHSA-4XH5-JCJ2-CH8Q vulnerabilities
Vulnerabilities for packages: flux-operator-fips, flux-operator...
CVE-2026-23990
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...
CVE-2026-23990
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...
CVE-2026-23990 Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...