45 matches found
CVE-2026-41889 vulnerabilities
Vulnerabilities for packages: cloudnative-pg, wal-g, kuma, gitaly-fips, chainloop-control-plane, juicefs, goose, vault-fips, openbao, grafana, authentik-fips, goose-fips, sqlexporter-fips, spqr, gitlab-cng-fips, azure-service-operator, rke2-runtime, sqlexporter, temporal-fips, amass,...
CVE-2026-41888 vulnerabilities
Vulnerabilities for packages: envoy-gateway, zot, portieris, gitness, kots...
GHSA-6PJF-3R9X-M592 vulnerabilities
Vulnerabilities for packages: envoy-gateway, zot, portieris, gitness, kots...
GHSA-6PJF-3R9X-M592 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, envoy-gateway, zot, portieris-fips, portieris, envoy-gateway-fips, kots, gitlab-rails-ce, gitness...
CVE-2026-41888 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, envoy-gateway, zot, portieris-fips, portieris, envoy-gateway-fips, kots, gitlab-rails-ce, gitness...
CLEANSTART-2026-SV08737 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Multiple security vulnerabilities affect the gitness package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: apko-fips, beats, ko, flux-helm-controller-fips, vendir-fips, eksctl, karpenter-fips, prometheus-operator, rke2-runtime, oras, hubble, nerdctl, sonobuoy-fips, flux-helm-controller, kbld-fips, harbor, amazon-ecs-agent, nats, helm, falcoctl, qemu-guesthelper, atlas,...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: apko-fips, beats, ko, flux-helm-controller-fips, vendir-fips, eksctl, karpenter-fips, prometheus-operator, rke2-runtime, oras, hubble, nerdctl, sonobuoy-fips, flux-helm-controller, kbld-fips, harbor, amazon-ecs-agent, nats, helm, falcoctl, qemu-guesthelper, atlas,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: apko-fips, liquibase-package-manager, kubevirt-cdi-uploadproxy, beats, memcached-exporter, grafana-pyroscope, ko, prometheus-operator-fips, scuttle-fips, flux-helm-controller-fips, pushprox-fips, newrelic-infra-operator, nri-f5-fips, prometheus-mongodb-exporter-fips,...
CLEANSTART-2026-AC01087 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Multiple security vulnerabilities affect the gitness package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details...
CLEANSTART-2026-NX54250 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Multiple security vulnerabilities affect the gitness package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details...
CVE-2026-35172 vulnerabilities
Vulnerabilities for packages: envoy-gateway, zot, portieris, gitness, kots...
GHSA-F2G3-HH2R-CWGC vulnerabilities
Vulnerabilities for packages: envoy-gateway, zot, portieris, gitness, kots...
CVE-2026-33540 vulnerabilities
Vulnerabilities for packages: envoy-gateway, zot, portieris, gitness, kots...
GHSA-3P65-76G6-3W7R vulnerabilities
Vulnerabilities for packages: envoy-gateway, zot, portieris, gitness, kots...
GHSA-F2G3-HH2R-CWGC vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, envoy-gateway, zot, portieris-fips, portieris, envoy-gateway-fips, kots, gitlab-rails-ce, gitness...
CVE-2026-35172 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, envoy-gateway, zot, portieris-fips, portieris, envoy-gateway-fips, kots, gitlab-rails-ce, gitness...
GHSA-3P65-76G6-3W7R vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, envoy-gateway, zot, portieris-fips, portieris, envoy-gateway-fips, kots, gitlab-rails-ce, gitness...
CVE-2026-33540 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, envoy-gateway, zot, portieris-fips, portieris, envoy-gateway-fips, kots, gitlab-rails-ce, gitness...
Arbitrary File Write
github.com/harness/gitness is vulnerable to Arbitrary file write. The vulnerability is due to improper sanitization of the upload path, which allows an attacker to craft a malicious upload request and write arbitrary files to any location on the file system...