Lucene search
+L

62 matches found

cgr
cgr
added 2026/06/23 8:16 a.m.11 views

GHSA-XHF5-7WJV-PQXP vulnerabilities

Vulnerabilities for packages: headlamp-fips, manifest-tool, helm-operator, cloudbeat-fips, docker-compose, eksctl, docker-fips, kots, linkerd2-fips, grype, kaniko, neuvector, linkerd2, envoy-gateway-fips, datadog-agent, tigera-operator-fips, trivy-operator, kaniko-fips, zot, kubescape-server-fips...

6.1AI score
Exploits0
wolfi
wolfi
added 2026/05/22 7:48 p.m.29 views

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: gatekeeper, eksctl, fuse-overlayfs-snapshotter, scorecard, skaffold, tigera-operator, chartmuseum, docker, envoy-gateway, kaniko, linkerd2, steampipe, zot, newrelic-infrastructure-agent, datadog-agent, consul-k8s, helm-push, tw, syft, dagger, spegel, trivy-operator,...

7.8CVSS7AI score0.00221EPSS
Exploits1
wolfi
wolfi
added 2026/05/22 7:48 p.m.31 views

GHSA-FQW6-GF59-QR4W vulnerabilities

Vulnerabilities for packages: gatekeeper, eksctl, fuse-overlayfs-snapshotter, scorecard, skaffold, tigera-operator, chartmuseum, docker, envoy-gateway, kaniko, linkerd2, steampipe, zot, newrelic-infrastructure-agent, datadog-agent, consul-k8s, helm-push, tw, syft, dagger, spegel, trivy-operator,...

6.1AI score
Exploits0
cgr
cgr
added 2026/05/22 7:17 p.m.18 views

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: headlamp-fips, manifest-tool, helm-operator, opa-fips-envoy, cloudbeat-fips, docker-compose, gogatekeeper, osv-scanner, eksctl, docker-fips, kots, linkerd2-fips, grype, kaniko, neuvector, linkerd2, envoy-gateway-fips, datadog-agent, tigera-operator-fips,...

7.8CVSS7AI score0.00221EPSS
Exploits1
wolfi
wolfi
added 2026/04/11 2:41 p.m.8 views

CVE-2026-35206 vulnerabilities

Vulnerabilities for packages: eksctl, tigera-operator, chartmuseum, envoy-gateway, linkerd2, kuma, cilium-cli, zot, nova, consul-k8s, helm-push, tw, helm-docs, trivy-operator, cert-manager-cmctl, pluto, cluster-api-helm-controller, cerbos, flux-source-controller, k9s, chart-testing, headlamp,...

4.8CVSS6.2AI score0.00199EPSS
Exploits0
wolfi
wolfi
added 2026/04/11 2:41 p.m.7 views

GHSA-HR2V-4R36-88HR vulnerabilities

Vulnerabilities for packages: eksctl, tigera-operator, chartmuseum, envoy-gateway, linkerd2, kuma, cilium-cli, zot, nova, consul-k8s, helm-push, tw, helm-docs, trivy-operator, cert-manager-cmctl, pluto, cluster-api-helm-controller, cerbos, flux-source-controller, k9s, chart-testing, headlamp,...

6.1AI score
Exploits0
wolfi
wolfi
added 2026/04/11 2:51 a.m.11 views

GHSA-FV83-X2XW-2J55 vulnerabilities

Vulnerabilities for packages: apko, envoy-ratelimit, temporal, local-path-provisioner, smarter-device-manager, mariadb-operator, volume-modifier-for-k8s, goreleaser, rabbitmq-messaging-topology-operator, flux-operator, nova, secrets-store-csi-driver-provider-aws, external-secrets-operator, hubble...

6.1AI score
Exploits0
wolfi
wolfi
added 2026/02/26 7:48 p.m.11 views

CVE-2026-1229 vulnerabilities

Vulnerabilities for packages: skaffold, scorecard, crossplane-provider-azure-sql, gitlab-runner, syft, dagger, flux-source-controller, terraform-provider-azurerm, grafana-alloy, kubescape, argo-events, trivy, argo-rollouts, flux, zarf, terraform-provider-pagerduty, flux-kustomize-controller, kots...

9.8CVSS6.7AI score0.00397EPSS
Exploits0
wolfi
wolfi
added 2026/02/26 7:48 p.m.9 views

GHSA-Q9HV-HPM4-HJ6X vulnerabilities

Vulnerabilities for packages: skaffold, scorecard, crossplane-provider-azure-sql, gitlab-runner, syft, dagger, flux-source-controller, terraform-provider-azurerm, grafana-alloy, kubescape, argo-events, trivy, argo-rollouts, flux, zarf, terraform-provider-pagerduty, flux-kustomize-controller, kots...

6.1AI score
Exploits0
cgr
cgr
added 2026/02/10 1:17 p.m.7 views

GHSA-8JVR-VH7G-F8GX vulnerabilities

Vulnerabilities for packages: fluxcd-kustomize-mutating-webhook-fips, backup-restore-operator, gitlab-runner-fips, amazon-ssm-agent-fips, manifest-tool, terraform-provider-sendgrid, crossplane-provider-keycloak, aactl, rancher-fleet, eck-operator-fips, opa-fips-envoy, kubernetes-csi-driver-nfs,...

6.1AI score
Exploits0
osv
osv
added 2025/12/02 5:36 p.m.4 views

BIT-FLUX-2022-36049 Flux2 Helm Controller denial of service

Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. Helm controller is tightly integrated with the Helm SDK. A vulnerability found in the Helm SDK th...

7.7CVSS6.6AI score0.01045EPSS
Exploits0References5
osv
osv
added 2025/12/02 5:36 p.m.6 views

BIT-FLUX-2022-24817 Improper kubeconfig validation allows arbitrary code execution

Flux2 is an open and extensible continuous delivery solution for Kubernetes. Flux2 versions between 0.1.0 and 0.29.0, helm-controller 0.1.0 to v0.19.0, and kustomize-controller 0.1.0 to v0.23.0 are vulnerable to Code Injection via malicious Kubeconfig. In multi-tenancy deployments this can also...

9.9CVSS7.3AI score0.01044EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-6887

Malicious code in bioql PyPI...

7.7CVSS7.7AI score0.01045EPSS
Exploits0References6
cgr
cgr
added 2025/09/24 2:18 p.m.9 views

GHSA-8PJC-487G-W6P2 vulnerabilities

Vulnerabilities for packages: falcoctl, aactl, helm-operator, nri-memcached, terraform-mcp-server, kubernetes-csi-driver-nfs, emissary, kapp, plugin-barman-cloud, eksctl, spire-controller-manager, ipfs-cluster, dive, k8sgateway, kubernetes-csi-driver-hostpath, controller-gen, undock, rke2-runtime...

6.1AI score
Exploits0
wolfi
wolfi
added 2025/08/15 7:48 p.m.23 views

CVE-2025-55199 vulnerabilities

Vulnerabilities for packages: eksctl, chartmuseum, envoy-gateway, linkerd2, kuma, cilium-cli, zot, nova, consul-k8s, helm-push, tw, helm-docs, trivy-operator, cert-manager-cmctl, pluto, cluster-api-helm-controller, cerbos, flux-source-controller, k9s, flux-helm-controller, chart-testing, headlamp...

6.5CVSS6.6AI score0.00334EPSS
Exploits0
wolfi
wolfi
added 2025/08/15 7:48 p.m.19 views

CVE-2025-55198 vulnerabilities

Vulnerabilities for packages: eksctl, chartmuseum, envoy-gateway, linkerd2, kuma, cilium-cli, zot, nova, consul-k8s, helm-push, helm-docs, trivy-operator, cert-manager-cmctl, pluto, cluster-api-helm-controller, cerbos, flux-source-controller, k9s, flux-helm-controller, chart-testing, headlamp,...

6.5CVSS6.6AI score0.00331EPSS
Exploits0
wolfi
wolfi
added 2025/08/15 7:48 p.m.7 views

GHSA-F9F8-9PMF-XV68 vulnerabilities

Vulnerabilities for packages: eksctl, chartmuseum, envoy-gateway, linkerd2, kuma, cilium-cli, zot, nova, consul-k8s, helm-push, helm-docs, trivy-operator, cert-manager-cmctl, pluto, cluster-api-helm-controller, cerbos, flux-source-controller, k9s, flux-helm-controller, chart-testing, headlamp,...

6.1AI score
Exploits0
wolfi
wolfi
added 2025/08/15 7:47 p.m.4 views

GHSA-9H84-QMV7-982P vulnerabilities

Vulnerabilities for packages: eksctl, chartmuseum, envoy-gateway, linkerd2, kuma, cilium-cli, zot, nova, consul-k8s, helm-push, tw, helm-docs, trivy-operator, cert-manager-cmctl, pluto, cluster-api-helm-controller, cerbos, flux-source-controller, k9s, flux-helm-controller, chart-testing, headlamp...

6.1AI score
Exploits0
cgr
cgr
added 2025/04/12 1:13 p.m.29 views

CVE-2025-32387 vulnerabilities

Vulnerabilities for packages: flux-source-controller-fips, kubescape, chartmuseum-fips, cert-manager-cmctl-fips, harbor-fips, helm-operator, k8ssandra-client, cilium-cli, consul-k8s-fips, helm-push, flux-fips, flux-source-controller, cloudbeat-fips, trivy-fips, trivy, eksctl, chartmuseum,...

6.5CVSS6.6AI score0.00459EPSS
Exploits0
cgr
cgr
added 2025/04/12 1:13 p.m.17 views

CVE-2025-32386 vulnerabilities

Vulnerabilities for packages: flux-source-controller-fips, kubescape, chartmuseum-fips, cert-manager-cmctl-fips, harbor-fips, helm-operator, k8ssandra-client, cilium-cli, consul-k8s-fips, helm-push, flux-fips, flux-source-controller, cloudbeat-fips, trivy-fips, trivy, eksctl, chartmuseum,...

6.5CVSS6.6AI score0.00427EPSS
Exploits0
Rows per page
Query Builder