62 matches found
GHSA-265R-HFXG-FHMG vulnerabilities
Vulnerabilities for packages: docker-cli-buildx, cert-manager-cmctl, skaffold, k3s, linkerd2, zarf, helm-push, wolfictl, zot, ctop, xeol, buildkitd, opa-envoy, cilium-cli, chartmuseum, kargo, fuse-overlayfs-snapshotter, syft, trivy, kaniko, k8sgpt, helm, gatekeeper, rancher-fleet, envoy-gateway,...
CVE-2022-36049
Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. Helm controller is tightly integrated with the Helm SDK. A vulnerability found in the Helm SDK th...
BIT-HELM-2022-36049 Flux2 Helm Controller denial of service
Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. Helm controller is tightly integrated with the Helm SDK. A vulnerability found in the Helm SDK th...
GHSA-R53H-JV2G-VPX6 vulnerabilities
Vulnerabilities for packages: k8sgpt, chartmuseum, kots, cert-manager, k9s, flux-source-controller, cert-manager-fips, kubevela, trivy, cilium-cli, eksctl, helm-push, kubescape, flux-helm-controller, helm-operator, up, zarf, zot...
GHSA-V53G-5GJP-272R vulnerabilities
Vulnerabilities for packages: zot, eksctl, cilium-cli, chartmuseum, trivy, up, zarf, flux-helm-controller, kubescape, k8sgpt, helm-push, k9s, helm-operator, kubevela, flux-source-controller, kots...
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: k8sgpt, chartmuseum, kots, cert-manager, k9s, flux-source-controller, cert-manager-fips, kubevela, trivy, cilium-cli, eksctl, helm-push, kubescape, flux-helm-controller, helm-operator, up, zarf, zot...
GHSA-XW73-RW38-6VJC vulnerabilities
Vulnerabilities for packages: kots, buildkitd, gitsign, kubeflow-katib, skopeo, argo-workflows-fips, docker-machine-driver-harvester, eksctl, helm-operator-fips, up, tekton-chains, dagger, policy-controller, goreleaser, crane, bom, flux, guac, ctop, argo-workflows, k3s, helm-fips, helm, cri-tools...
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: kots, buildkitd, gitsign, kubeflow-katib, skopeo, argo-workflows-fips, docker-machine-driver-harvester, eksctl, helm-operator-fips, up, tekton-chains, dagger, policy-controller, goreleaser, crane, bom, flux, guac, ctop, argo-workflows, k3s, helm-fips, helm, cri-tools...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: prometheus-stackdriver-exporter, buildkitd, aws-efs-csi-driver-fips, up, dynamic-localpv-provisioner-fips, prometheus-adapter-fips, kubernetes-csi-livenessprobe, prometheus-blackbox-exporter, src, terraform-provider-sendgrid, kubernetes-csi-livenessprobe-fips,...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: buildkitd, terraform-provider-sendgrid, spark-operator, aactl, dgraph, kubescape, prometheus-blackbox-exporter, cortex, scorecard, falco, slsa-verifier, k3d, src, kubevela, kubeflow, up...
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: spark-operator, weaviate, secrets-store-csi-driver, gobuster, sigstore-scaffolding, aactl, kpt, dynamic-localpv-provisioner, envoy-ratelimit, cortex, kubewatch, node-problem-detector, nri-prometheus, nghttp2, prometheus-blackbox-exporter, nginx-mainline,...
CVE-2023-2253 vulnerabilities
Vulnerabilities for packages: aactl, bom, argocd-image-updater-fips, argocd-image-updater, kubernetes-dashboard, kpt...
GHSA-HQXW-F8MX-CPMW vulnerabilities
Vulnerabilities for packages: aactl, bom, argocd-image-updater-fips, argocd-image-updater, kubernetes-dashboard, kpt...
CVE-2023-28841 vulnerabilities
Vulnerabilities for packages: apko, bom, ctop, up, helm, melange, ko...
GHSA-232P-VWFF-86MP vulnerabilities
Vulnerabilities for packages: apko, bom, ctop, up, helm, melange, ko...
GHSA-33PG-M6JH-5237 vulnerabilities
Vulnerabilities for packages: apko, bom, ctop, up, helm, melange, ko...
GHSA-6WRF-MXFJ-PF5P vulnerabilities
Vulnerabilities for packages: apko, bom, ctop, up, helm, melange, ko...
CBL Mariner 2.0 Security Update: helm (CVE-2022-36049)
The version of helm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-36049 advisory. - Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-...
CVE-2023-25173 vulnerabilities
Vulnerabilities for packages: ctop...
CVE-2023-25153 vulnerabilities
Vulnerabilities for packages: ctop...