32 matches found
GHSA-XHF5-7WJV-PQXP vulnerabilities
Vulnerabilities for packages: headlamp-fips, manifest-tool, helm-operator, cloudbeat-fips, docker-compose, eksctl, docker-fips, kots, linkerd2-fips, grype, kaniko, neuvector, linkerd2, envoy-gateway-fips, datadog-agent, tigera-operator-fips, trivy-operator, kaniko-fips, zot, kubescape-server-fips...
CLEANSTART-2026-CL67452 Security fixes for CVE-2025-47912, CVE-2025-58183, CVE-2025-58185, CVE-2025-58186, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27140, CVE-2026-27143, CVE-2026-27144, CVE-2026-27145, CVE-2026-29181, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-33811, CVE-2026-33814, CVE-2026-35206, CVE-2026-35469, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-39883, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42504, CVE-2026-42506, CVE-2026-42507, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, CVE-2026-46680, ghsa-fqw6-gf59-qr4w, ghsa-hfvc-g4fc-pqhx, ghsa-hr2v-4r36-88hr, ghsa-mh2q-q3fh-2475, ghsa-pc3f-x583-g7j2 applied in versions: 1.41.1-r0, 1.41.1-r1, 1.42.2-r0, 1.42.2-r1
Multiple security vulnerabilities affect the helm-operator package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-35206 vulnerabilities
Vulnerabilities for packages: eksctl, tigera-operator, chartmuseum, envoy-gateway, linkerd2, kuma, cilium-cli, zot, nova, consul-k8s, helm-push, tw, helm-docs, trivy-operator, cert-manager-cmctl, pluto, cluster-api-helm-controller, cerbos, flux-source-controller, k9s, chart-testing, headlamp,...
GHSA-HR2V-4R36-88HR vulnerabilities
Vulnerabilities for packages: eksctl, tigera-operator, chartmuseum, envoy-gateway, linkerd2, kuma, cilium-cli, zot, nova, consul-k8s, helm-push, tw, helm-docs, trivy-operator, cert-manager-cmctl, pluto, cluster-api-helm-controller, cerbos, flux-source-controller, k9s, chart-testing, headlamp,...
GHSA-HR2V-4R36-88HR vulnerabilities
Vulnerabilities for packages: flux-source-controller-fips, headlamp-fips, helm-diff-fips, chartmuseum-fips, cert-manager-cmctl-fips, envoy-gateway, harbor-fips, helm-operator, k8ssandra-client, cilium-cli, rancher-fleet, trivy-operator-fips, consul-k8s-fips, helm-push, cloudbeat, flux-fips,...
CLEANSTART-2026-PM59896 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729 applied in versions: 1.41.1-r0, 1.41.1-r1
Multiple security vulnerabilities affect the helm-operator package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-33186 vulnerabilities
Vulnerabilities for packages: cluster-api-azure-controller, metallb, steampipe, task, kubernetes-csi-external-attacher, flux-source-controller, sqlexporter, grpc-health-probe, trivy, terraform-docs, flux, docker-compose, datadog-operator, cluster-autoscaler, zarf, jitsucom-bulker,...
GHSA-P77J-4MVH-X3M3 vulnerabilities
Vulnerabilities for packages: cluster-api-azure-controller, metallb, steampipe, task, kubernetes-csi-external-attacher, flux-source-controller, sqlexporter, grpc-health-probe, trivy, terraform-docs, flux, docker-compose, datadog-operator, cluster-autoscaler, zarf, jitsucom-bulker,...
CLEANSTART-2026-NS41924 Within HostnameError
Multiple security vulnerabilities affect the helm-operator package. Within HostnameError. See references for individual vulnerability details...
CLEANSTART-2026-TS12850 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-RD08428 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CVE-2025-55199 vulnerabilities
Vulnerabilities for packages: eksctl, chartmuseum, envoy-gateway, linkerd2, kuma, cilium-cli, zot, nova, consul-k8s, helm-push, tw, helm-docs, trivy-operator, cert-manager-cmctl, pluto, cluster-api-helm-controller, cerbos, flux-source-controller, k9s, flux-helm-controller, chart-testing, headlamp...
CVE-2025-55198 vulnerabilities
Vulnerabilities for packages: eksctl, chartmuseum, envoy-gateway, linkerd2, kuma, cilium-cli, zot, nova, consul-k8s, helm-push, helm-docs, trivy-operator, cert-manager-cmctl, pluto, cluster-api-helm-controller, cerbos, flux-source-controller, k9s, flux-helm-controller, chart-testing, headlamp,...
GHSA-F9F8-9PMF-XV68 vulnerabilities
Vulnerabilities for packages: eksctl, chartmuseum, envoy-gateway, linkerd2, kuma, cilium-cli, zot, nova, consul-k8s, helm-push, helm-docs, trivy-operator, cert-manager-cmctl, pluto, cluster-api-helm-controller, cerbos, flux-source-controller, k9s, flux-helm-controller, chart-testing, headlamp,...
GHSA-9H84-QMV7-982P vulnerabilities
Vulnerabilities for packages: eksctl, chartmuseum, envoy-gateway, linkerd2, kuma, cilium-cli, zot, nova, consul-k8s, helm-push, tw, helm-docs, trivy-operator, cert-manager-cmctl, pluto, cluster-api-helm-controller, cerbos, flux-source-controller, k9s, flux-helm-controller, chart-testing, headlamp...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: sigstore-scaffolding-fips, terraform-provider-sendgrid, amazon-ssm-agent-fips, aactl, rancher-fleet, kubernetes-csi-driver-nfs, prometheus-podman-exporter, crossplane-provider-azure-sql, nerdctl, ghaudit, ipfs-cluster, docker-fips, kube-fluentd-operator,...
CVE-2025-32387 vulnerabilities
Vulnerabilities for packages: eksctl, chartmuseum, cilium-cli, zot, consul-k8s, helm-push, tw, helm-docs, cert-manager-cmctl, pluto, cluster-api-helm-controller, flux-source-controller, k9s, flux-helm-controller, chart-testing, kubescape, trivy, rancher-helm, flux, zarf, k8ssandra-client, kots,...
GHSA-4HFP-H4CW-HJ8P vulnerabilities
Vulnerabilities for packages: eksctl, chartmuseum, cilium-cli, zot, consul-k8s, helm-push, tw, helm-docs, cert-manager-cmctl, pluto, cluster-api-helm-controller, flux-source-controller, k9s, flux-helm-controller, chart-testing, kubescape, trivy, rancher-helm, flux, zarf, k8ssandra-client, kots,...
CVE-2025-32386 vulnerabilities
Vulnerabilities for packages: eksctl, chartmuseum, cilium-cli, zot, consul-k8s, helm-push, tw, helm-docs, cert-manager-cmctl, pluto, cluster-api-helm-controller, flux-source-controller, k9s, flux-helm-controller, chart-testing, kubescape, trivy, rancher-helm, flux, zarf, k8ssandra-client, kots,...
GHSA-5XQW-8HWV-WG92 vulnerabilities
Vulnerabilities for packages: eksctl, chartmuseum, cilium-cli, zot, consul-k8s, helm-push, tw, helm-docs, cert-manager-cmctl, pluto, cluster-api-helm-controller, flux-source-controller, k9s, flux-helm-controller, chart-testing, kubescape, trivy, rancher-helm, flux, zarf, k8ssandra-client, kots,...