CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: helm, nfs-subdir-external-provisioner, secrets-store-csi-driver, filebrowser, tetragon, liquibase-package-manager, cluster-api-provider-vsphere, logstash-exporter, pvc-autoresizer, chartmuseum, crossplane-provider-keycloak, vertical-pod-autoscaler, kube-vip, nuclei,...

CVE-2025-61727 vulnerabilities

Vulnerabilities for packages: secrets-store-csi-driver, grafana-pyroscope, opentofu, harbor-scanner-trivy, kubelet-csr-approver, paranoia, gitea, prometheus-operator, kube-metrics-adapter, helm-push, rancher-helm, steampipe, slsa-verifier, cert-manager-webhook-pdns, newrelic-nri-kube-events,...

GHSA-5MH9-3JWC-RP59 vulnerabilities

Vulnerabilities for packages: secrets-store-csi-driver, grafana-pyroscope, opentofu, harbor-scanner-trivy, kubelet-csr-approver, paranoia, gitea, prometheus-operator, kube-metrics-adapter, helm-push, rancher-helm, steampipe, slsa-verifier, cert-manager-webhook-pdns, newrelic-nri-kube-events,...

GHSA-5MH9-3JWC-RP59 vulnerabilities

Vulnerabilities for packages: opentofu-fips, php-fpmexporter, vertical-pod-autoscaler-fips, gatekeeper-fips, opentelemetry-collector, newrelic-infrastructure-agent, crossplane-fips, sonobuoy-fips, ceph-csi-operator-fips, flux-helm-controller-fips, cilium-fips, tetragon-fips, telegraf,...

GHSA-8PJC-487G-W6P2 vulnerabilities

Vulnerabilities for packages: containerd, emissary, cluster-api-azure-controller, nri-mysql, kapp, kyverno, kubernetes-csi-driver-nfs, cluster-api-provider-vsphere, grafana-pyroscope, caddy, opentofu, controller-gen, kubernetes-csi-node-driver-registrar, chartmuseum, prometheus-operator, helm-pus...

SUSE-SU-2025:20278-1 Security update for helm

This update for helm fixes the following issues: - Update to version 3.17.2 bsc1238688, CVE-2025-22870: Updating to 0.37.0 for x/net builddeps: bump the k8s-io group with 7 updates - Update to version 3.17.1: merge null child chart objects builddeps: bump the k8s-io group with 7 updates fix: chec...

GHSA-7WRW-R4P8-38RX vulnerabilities

Vulnerabilities for packages: helm, capslock, secrets-store-csi-driver-provider-gcp, gops, chartmuseum, kube-metrics-adapter, crossplane-provider-keycloak, vertical-pod-autoscaler, kube-vip, nuclei, go-bindata, kubernetes-csi-driver-hostpath, kubecolor, sftpgo-plugin-eventstore,...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: fulcio-fips, php-fpmexporter, vertical-pod-autoscaler-fips, rabbitmq-default-user-credential-updater, kubernetes-dashboard-metrics-scraper, kubernetes, tfsec, cilium-fips, http-echo, prometheus-alertmanager-fips, cfssl, scorecard, litefs, coredns, tigera-operator-fip...

CVE-2024-32473 vulnerabilities

Vulnerabilities for packages: kaniko, buf, cri-tools, dagger, harbor-scanner-trivy-fips, melange, helm-push, k3d, policy-controller, syft, harbor-scanner-trivy, docker-compose, grype, neuvector-scanner, wolfictl, docker, policy-controller-fips...

CVE-2024-32473 vulnerabilities

Vulnerabilities for packages: cri-tools, policy-controller, docker-compose, grype, melange, neuvector-scanner, harbor-scanner-trivy, kaniko, wolfictl, buf, helm-push, docker, dagger, k3d, syft...

GHSA-X84C-P2G9-RQV9 vulnerabilities

Vulnerabilities for packages: kaniko, buf, cri-tools, dagger, harbor-scanner-trivy-fips, melange, helm-push, k3d, policy-controller, syft, harbor-scanner-trivy, docker-compose, grype, neuvector-scanner, wolfictl, docker, policy-controller-fips...

GHSA-X84C-P2G9-RQV9 vulnerabilities

Vulnerabilities for packages: cri-tools, policy-controller, docker-compose, grype, melange, neuvector-scanner, harbor-scanner-trivy, kaniko, wolfictl, buf, helm-push, docker, dagger, k3d, syft...

GHSA-R53H-JV2G-VPX6 vulnerabilities

Vulnerabilities for packages: kots, kubevela, trivy, helm-operator, eksctl, chartmuseum, flux-source-controller, flux-helm-controller, k8sgpt, zarf, cilium-cli, cert-manager, up, cert-manager-fips, zot, kubescape, helm-push, k9s...

GHSA-V53G-5GJP-272R vulnerabilities

Vulnerabilities for packages: flux-helm-controller, eksctl, cilium-cli, kots, kubescape, k8sgpt, flux-source-controller, chartmuseum, up, k9s, helm-operator, helm-push, kubevela, zarf, trivy, zot...

CVE-2024-25620 vulnerabilities

Vulnerabilities for packages: kots, kubevela, trivy, helm-operator, eksctl, chartmuseum, flux-source-controller, flux-helm-controller, k8sgpt, zarf, cilium-cli, cert-manager, up, cert-manager-fips, zot, kubescape, helm-push, k9s...