14 matches found
CVE-2026-9165
A flaw was found in Red Hat Advanced Cluster Security for Kubernetes RHACS. Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, loki-fips, kube-logging-operator-custom-runner, local-static-provisioner, neuvector-scanner-fips, falcoctl, buildkite-agent, envoy-gateway, minc, nuclei, aws-network-policy-agent, amazon-cloudwatch-agent-operator-fips, apache-exporter,...
GHSA-GJVH-7JH8-7XHM vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, loki-fips, kube-logging-operator-custom-runner, local-static-provisioner, neuvector-scanner-fips, falcoctl, buildkite-agent, envoy-gateway, minc, nuclei, aws-network-policy-agent, amazon-cloudwatch-agent-operator-fips, apache-exporter,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, age, loki-fips, azurefile-csi-fips, monstache, deck-fips, tkn-fips, wazero-fips, vertical-pod-autoscaler-fips, crossplane-provider-sql-fips, json-exporter, k8ssandra-operator, rabbitmq-messaging-topology-operator-fips, kaf, crossplane-fips, mailpit,...
Security Bulletin: IBM Financial Transaction Manager is impacted by multiple vulnerabilities in RedHat Proxy for Kubernetes RBAC authorization
Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2025-47907 DESCRIPTION: Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned...
OPENSUSE-SU-2025:15832-1 coredns-for-k8s1.35-1.13.1-2.1 on GA media
These are all security issues fixed in the coredns-for-k8s1.35-1.13.1-2.1 package on the GA media of openSUSE Tumbleweed...
coredns-for-k8s1.33-1.12.0-2.1 on GA media (moderate)
coredns-for-k8s1.33-1.12.0-2.1 on GA media Announcement ID: openSUSE-SU-2025:15825-1 Rating: moderate Cross-References: CVE-2025-68156 CVSS scores: CVE-2025-68156 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-68156 SUSE : 8.7...
OPENSUSE-SU-2025:15826-1 coredns-for-k8s1.34-1.12.1-2.1 on GA media
These are all security issues fixed in the coredns-for-k8s1.34-1.12.1-2.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15825-1 coredns-for-k8s1.33-1.12.0-2.1 on GA media
These are all security issues fixed in the coredns-for-k8s1.33-1.12.0-2.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15764-1 etcd-for-k8s1.32-3.5.24-1.1 on GA media
These are all security issues fixed in the etcd-for-k8s1.32-3.5.24-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2024-27304 vulnerabilities
Vulnerabilities for packages: kots, kube-bench, k3s, argo-workflows-fips, temporal-server-fips, falcosidekick-fips, kube-bench-fips, spicedb, wavefront-collector-for-kubernetes, kine, src, trillian-fips, amass, ferretdb, temporal-server, step, argo-workflows, keda-fips, trillian, caddy, step-ca,...
GHSA-M7WR-2XF7-CM9P vulnerabilities
Vulnerabilities for packages: caddy-fips, step-ca, wavefront-collector-for-kubernetes, step, argo-workflows, trillian-fips, trillian, caddy, kots, argo-workflows-fips...
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: k8sgpt-operator, kube-logging-logging-operator, nfs-subdir-external-provisioner-fips, kubeflow-katib, falcoctl, trust-manager, cue, ollama, prometheus-postgres-exporter, k3s, grpcurl, kubescape, flux, gitness, aws-efs-csi-driver-fips, kaf, src, metrics-server,...
Security Bulletin: Vulnerabilities in Golang Go and MinIO may affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift (CVE-2022-24842,CVE-2021-38561,CVE-2021-43565,CVE-2022-28327,CVE-2022-24675,CVE-2022-27536)
Summary Vulnerabilities in Golang Go and MinIO such as denial of service and elevated privileges may affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift. Vulnerability Details CVEID: CVE-2022-24842 DESCRIPTION: MinIO could allow a remote authenticate...