CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: docker, osv-scanner, kubescape-operator, xeol, fuse-overlayfs-snapshotter, docker-cli-buildx, helm-set-status, kubevela, helm-mapkubeapis, trivy, rancher, skaffold, eksctl, kots, manifest-tool, steampipe, syft, k3s, wolfictl, helm, kaniko, gatekeeper, opa-envoy,...

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: linkerd2-fips, zarf-fips, kubevela-fips, dagger, kube-mgmt-fips, osv-scanner, gitlab-rails-ce-fips, redpanda-operator, neuvector-scanner, skaffold-fips, datadog-agent, datadog-agent-fips, spegel, xeol-fips, docker-cli-buildx, kubescape-operator-fips,...

SUSE CVE-2026-31465

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set, sy...

EUVD-2026-24809

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set, sy...

CVE-2026-31465

CVE-2026-31465 in the Linux kernel concerns the writeback path for filesystems without data integrity guarantees (e.g., fuse). The fix adds a SB_I_NO_DATA_INTEGRITY superblock flag; when set, sync kicks off writeback of dirty inodes but does not wait for flusher threads to finish. The change move...

PT-2026-34370

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SB I NO DATA INTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set...

GHSA-W4GW-W5JQ-G9JH vulnerabilities

Vulnerabilities for packages: k3s, cilium-envoy, wuzz, fuse-overlayfs-snapshotter, runc, k8s-device-plugin, aws-load-balancer-controller, gitness...

GHSA-W4GW-W5JQ-G9JH vulnerabilities

Vulnerabilities for packages: fuse-overlayfs-snapshotter, gendesk, localstack, terraform, aws-load-balancer-controller, nvidia-gpu-operator-validator, rke2-runtime, backup-restore-operator, rke2-runtime-fips, cilium-envoy-fips, runc, gitness, wuzz, gitlab-rails-ce, cilium-envoy, k3s,...

CVE-2025-58190 vulnerabilities

Vulnerabilities for packages: fuse-overlayfs-snapshotter, gendesk, localstack, terraform, aws-load-balancer-controller, nvidia-gpu-operator-validator, rke2-runtime, backup-restore-operator, rke2-runtime-fips, cilium-envoy-fips, runc, gitness, wuzz, gitlab-rails-ce, cilium-envoy, k3s,...

CVE-2025-47911 vulnerabilities

Vulnerabilities for packages: fuse-overlayfs-snapshotter, gendesk, localstack, terraform, aws-load-balancer-controller, nvidia-gpu-operator-validator, rke2-runtime, backup-restore-operator, rke2-runtime-fips, cilium-envoy-fips, runc, gitness, wuzz, gitlab-rails-ce, cilium-envoy, k3s,...

CVE-2025-47911 vulnerabilities

Vulnerabilities for packages: k3s, cilium-envoy, wuzz, fuse-overlayfs-snapshotter, runc, k8s-device-plugin, aws-load-balancer-controller, gitness...

CVE-2025-58190 vulnerabilities

Vulnerabilities for packages: k3s, cilium-envoy, wuzz, fuse-overlayfs-snapshotter, runc, k8s-device-plugin, aws-load-balancer-controller, gitness...

MiracleLinux 8 : container-tools: rhel8 (AXSA:2020-295:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-295:01 advisory. QEMU: Slirp: potential OOB access due to unsafe snprintf usages CVE-2020-8608 Bug Fixes: useradd and groupadd fail under rootless Buildah and podman Podman...

container-tools:rhel8 security update

aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 buildah 2:1.33.14-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/a7f8179 - fixes 'CVE-2025-47913...

CVE-2025-61729 vulnerabilities

Vulnerabilities for packages: nats-top, redis-operator, azure-container-networking, cloud-sql-proxy-fips, flannel-cni-plugin-fips, cosign-fips, image-factory-fips, lvm-driver-fips, mesosphere-vsphere-csi, spiffe-helper, thanos-operator-fips, yace-fips, kserve-modelmesh-serving, etcd-fips,...

CVE-2025-61729 vulnerabilities

Vulnerabilities for packages: pulumi-language-yaml, terraform-provider-random, db-operator, kaf, grafana, kubernetes-dns-node-cache, rancher-machine, kuma, syft, opentelemetry-collector-contrib, helm, tekton-chains, metrics-server, percona-server-mongodb-operator, cis-operator,...

GHSA-265R-HFXG-FHMG vulnerabilities

Vulnerabilities for packages: docker, osv-scanner, xeol, fuse-overlayfs-snapshotter, docker-cli-buildx, kubevela, flux-source-controller, trivy, skaffold, eksctl, kots, nerdctl, syft, k3s, neuvector-scanner, helm, wolfictl, kaniko, gatekeeper, opa-envoy, opa, datadog-agent, dagger, melange, k8sgp...

fuse-overlayfs bug fix and enhancement update

An update is available for fuse-overlayfs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

container-tools:ol8 security update

aardvark-dns buildah 2:1.33.11-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/fe85f0d - Resolves: RHEL-61853 2:1.33.10-1 - update to the latest content of...

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-8038)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8038 advisory. aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 buildah cockpit-podman conmon containernetworking-plugins...