31 matches found
GHSA-XHF5-7WJV-PQXP vulnerabilities
Vulnerabilities for packages: trivy, kgateway, newrelic-infrastructure-agent, helm-operator-fips, spegel-fips, grype, chaos-mesh-fips, k9s, grype-fips, skaffold-fips, helm-operator, kube-arangodb, scorecard, kots, trivy-fips, newrelic-infrastructure-agent-fips, docker-compose-fips,...
GHSA-HR2V-4R36-88HR vulnerabilities
Vulnerabilities for packages: headlamp, kots, nova, k8ssandra-client, teleport, tw, cert-manager-cmctl, consul-k8s, helm-operator, zarf, trivy-operator, trivy, zot, istio, envoy-gateway, linkerd2, kubescape, harbor, pluto, chartmuseum, flux, helm-push, helm-docs, helm-set-status, chart-testing,...
CVE-2026-35206 vulnerabilities
Vulnerabilities for packages: headlamp, kots, nova, k8ssandra-client, teleport, tw, cert-manager-cmctl, consul-k8s, helm-operator, zarf, trivy-operator, trivy, zot, istio, envoy-gateway, linkerd2, kubescape, harbor, pluto, chartmuseum, flux, helm-push, helm-docs, helm-set-status, chart-testing,...
GHSA-HR2V-4R36-88HR vulnerabilities
Vulnerabilities for packages: flux-fips, cluster-api-helm-controller-fips, cert-manager-cmctl-fips, trivy, cerbos, cloudbeat-fips, envoy-gateway, harbor, helm-docs, chaos-mesh, istio, tigera-operator, jfrog-cli, cluster-api-helm-controller, helm-operator-fips, helm-diff-fips, consul-k8s,...
CLEANSTART-2026-PM59896 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729 applied in versions: 1.41.1-r0, 1.41.1-r1
Multiple security vulnerabilities affect the helm-operator package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-P77J-4MVH-X3M3 vulnerabilities
Vulnerabilities for packages: helm, secrets-store-csi-driver-provider-gcp, secrets-store-csi-driver, cluster-api-provider-vsphere, chartmuseum, kube-metrics-adapter, steampipe, crossplane-provider-keycloak, kube-vip, kubernetes-csi-driver-hostpath, vitess, kine, sftpgo-plugin-eventstore,...
CVE-2026-33186 vulnerabilities
Vulnerabilities for packages: helm, secrets-store-csi-driver-provider-gcp, secrets-store-csi-driver, cluster-api-provider-vsphere, chartmuseum, kube-metrics-adapter, steampipe, crossplane-provider-keycloak, kube-vip, kubernetes-csi-driver-hostpath, vitess, kine, sftpgo-plugin-eventstore,...
CLEANSTART-2026-NS41924 Within HostnameError
Multiple security vulnerabilities affect the helm-operator package. Within HostnameError. See references for individual vulnerability details...
CLEANSTART-2026-TS12850 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-RD08428 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CVE-2025-55199 vulnerabilities
Vulnerabilities for packages: headlamp, kots, nova, k8ssandra-client, teleport, tw, kargo, cert-manager-cmctl, consul-k8s, helm-operator, zarf, trivy-operator, trivy, zot, envoy-gateway, istio, linkerd2, flux-helm-controller, kubescape, harbor, pluto, chartmuseum, flux, helm-push, helm-docs,...
CVE-2025-55198 vulnerabilities
Vulnerabilities for packages: headlamp, kots, nova, k8ssandra-client, teleport, kargo, cert-manager-cmctl, consul-k8s, helm-operator, zarf, trivy-operator, trivy, zot, envoy-gateway, istio, linkerd2, flux-helm-controller, kubescape, harbor, pluto, chartmuseum, flux, helm-push, helm-docs,...
GHSA-F9F8-9PMF-XV68 vulnerabilities
Vulnerabilities for packages: headlamp, kots, nova, k8ssandra-client, teleport, kargo, cert-manager-cmctl, consul-k8s, helm-operator, zarf, trivy-operator, trivy, zot, envoy-gateway, istio, linkerd2, flux-helm-controller, kubescape, harbor, pluto, chartmuseum, flux, helm-push, helm-docs,...
GHSA-9H84-QMV7-982P vulnerabilities
Vulnerabilities for packages: headlamp, kots, nova, k8ssandra-client, teleport, tw, kargo, cert-manager-cmctl, consul-k8s, helm-operator, zarf, trivy-operator, trivy, zot, envoy-gateway, istio, linkerd2, flux-helm-controller, kubescape, harbor, pluto, chartmuseum, flux, helm-push, helm-docs,...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: fulcio-fips, nri-redis, opentofu-fips, gatekeeper-fips, kubelet-csr-approver-fips, opentelemetry-collector, licenseclassifier, yace, kubernetes-dashboard-metrics-scraper, kubernetes, nri-memcached, sonobuoy-fips, flux-helm-controller-fips, cilium-fips, http-echo,...
CVE-2025-32387 vulnerabilities
Vulnerabilities for packages: kots, k8ssandra-client, tw, cert-manager-cmctl, consul-k8s, helm-operator, zarf, zot, trivy, flux-helm-controller, kubescape, pluto, chartmuseum, flux, helm-push, rancher-helm, helm-docs, chart-testing, k9s, cilium-cli, eksctl, flux-source-controller,...
GHSA-4HFP-H4CW-HJ8P vulnerabilities
Vulnerabilities for packages: kots, k8ssandra-client, tw, cert-manager-cmctl, consul-k8s, helm-operator, zarf, zot, trivy, flux-helm-controller, kubescape, pluto, chartmuseum, flux, helm-push, rancher-helm, helm-docs, chart-testing, k9s, cilium-cli, eksctl, flux-source-controller,...
CVE-2025-32386 vulnerabilities
Vulnerabilities for packages: kots, k8ssandra-client, tw, cert-manager-cmctl, consul-k8s, helm-operator, zarf, zot, trivy, flux-helm-controller, kubescape, pluto, chartmuseum, flux, helm-push, rancher-helm, helm-docs, chart-testing, k9s, cilium-cli, eksctl, flux-source-controller,...
GHSA-5XQW-8HWV-WG92 vulnerabilities
Vulnerabilities for packages: kots, k8ssandra-client, tw, cert-manager-cmctl, consul-k8s, helm-operator, zarf, zot, trivy, flux-helm-controller, kubescape, pluto, chartmuseum, flux, helm-push, rancher-helm, helm-docs, chart-testing, k9s, cilium-cli, eksctl, flux-source-controller,...
GHSA-4HFP-H4CW-HJ8P vulnerabilities
Vulnerabilities for packages: flux-fips, cluster-api-helm-controller-fips, cert-manager-cmctl-fips, trivy, cloudbeat-fips, harbor, helm-docs, cluster-api-helm-controller, helm-operator-fips, consul-k8s, k9s, flux-helm-controller-fips, flux-source-controller-fips, helm-operator, rancher-helm, zot,...