62 matches found
GHSA-XHF5-7WJV-PQXP vulnerabilities
Vulnerabilities for packages: spegel-fips, kubescape-operator-fips, eksctl, neuvector-scanner, tw, docker-cli-buildx-fips, helm-mapkubeapis, syft-fips, trivy-operator, helm-set-status, syft, docker-compose, chaos-mesh-fips, envoy-gateway-fips, kubescape-server, grype, cg, kube-mgmt,...
CVE-2026-46680 vulnerabilities
Vulnerabilities for packages: k8ssandra-client, k9s, fuse-overlayfs-snapshotter, kaniko, kubevela, kubescape, steampipe, chartmuseum, helm-push, osv-scanner, docker, rancher-agent, trivy, containerd, gogatekeeper, wolfictl, opa, linkerd2, kots, kubescape-operator, neuvector-scanner, helm,...
GHSA-FQW6-GF59-QR4W vulnerabilities
Vulnerabilities for packages: k8ssandra-client, k9s, fuse-overlayfs-snapshotter, kaniko, kubevela, kubescape, steampipe, chartmuseum, helm-push, osv-scanner, docker, rancher-agent, trivy, containerd, gogatekeeper, wolfictl, opa, linkerd2, kots, kubescape-operator, neuvector-scanner, helm,...
CVE-2026-46680 vulnerabilities
Vulnerabilities for packages: spegel-fips, kubescape-operator-fips, eksctl, neuvector-scanner, tw, docker-cli-buildx-fips, helm-mapkubeapis, syft-fips, trivy-operator, helm-set-status, syft, gogatekeeper, docker-compose, chaos-mesh-fips, envoy-gateway-fips, kubescape-server, grype, cg, kube-mgmt,...
CVE-2026-35206 vulnerabilities
Vulnerabilities for packages: k8ssandra-client, k9s, kubescape, cilium-cli, flux-source-controller, chartmuseum, helm-push, nova, trivy, rancher-fleet, chart-testing, helm-docs, flux, linkerd2, kots, helm-operator, pluto, helm-set-status, eksctl, trivy-operator, cert-manager-cmctl, kube-arangodb,...
GHSA-HR2V-4R36-88HR vulnerabilities
Vulnerabilities for packages: k8ssandra-client, k9s, kubescape, cilium-cli, flux-source-controller, chartmuseum, helm-push, nova, trivy, rancher-fleet, chart-testing, helm-docs, flux, linkerd2, kots, helm-operator, pluto, helm-set-status, eksctl, trivy-operator, cert-manager-cmctl, kube-arangodb,...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: mariadb-operator, victoriametrics, go, aws-privateca-issuer, grafana-rollout-operator, stakater-reloader, external-secrets-operator, dgraph, dkron, mountpoint-s3-csi-driver, flux-source-controller, gh, hubble, osv-scanner, nova, smarter-device-manager, oras, apko,...
GHSA-Q9HV-HPM4-HJ6X vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-ec2, crossplane-provider-aws-iam, terraform-provider-azuread, kubevela, crossplane-provider-aws-memorydb, kyverno-notation-aws, flux-source-controller, crossplane-provider-aws-firehose, argo-cd, flux-helm-controller, sops, rancher-fleet,...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-ec2, crossplane-provider-aws-iam, terraform-provider-azuread, kubevela, crossplane-provider-aws-memorydb, kyverno-notation-aws, flux-source-controller, crossplane-provider-aws-firehose, argo-cd, flux-helm-controller, sops, rancher-fleet,...
GHSA-8JVR-VH7G-F8GX vulnerabilities
Vulnerabilities for packages: actions-runner-controller-fips, crossplane-provider-sql-fips, protoc-gen-go, velero, kind, extism, atlantis-fips, docker-machine-driver-linode, caddy, cluster-api-provider-vsphere, nginx-prometheus-exporter, dask-gateway, oauth2-proxy, prometheus-redis-exporter-fips,...
BIT-FLUX-2022-36049 Flux2 Helm Controller denial of service
Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. Helm controller is tightly integrated with the Helm SDK. A vulnerability found in the Helm SDK th...
BIT-FLUX-2022-24817 Improper kubeconfig validation allows arbitrary code execution
Flux2 is an open and extensible continuous delivery solution for Kubernetes. Flux2 versions between 0.1.0 and 0.29.0, helm-controller 0.1.0 to v0.19.0, and kustomize-controller 0.1.0 to v0.23.0 are vulnerable to Code Injection via malicious Kubeconfig. In multi-tenancy deployments this can also...
EUVD-2022-6887
Malicious code in bioql PyPI...
GHSA-8PJC-487G-W6P2 vulnerabilities
Vulnerabilities for packages: cni-plugins, telegraf, contour, kind, azuredisk-csi, eksctl, nginx-prometheus-exporter, caddy, cluster-api-provider-vsphere, tflint, docker-machine-driver-harvester, gcp-compute-persistent-disk-csi-driver, oauth2-proxy, mattermost, emissary, kpt, nri-consul,...
CVE-2025-55199 vulnerabilities
Vulnerabilities for packages: k8ssandra-client, k9s, kubescape, cilium-cli, flux-source-controller, chartmuseum, helm-push, nova, trivy, flux-helm-controller, rancher-fleet, chart-testing, helm-docs, flux, linkerd2, kots, helm-operator, pluto, helm-set-status, kargo, eksctl, trivy-operator,...
CVE-2025-55198 vulnerabilities
Vulnerabilities for packages: k8ssandra-client, k9s, kubescape, cilium-cli, flux-source-controller, chartmuseum, helm-push, nova, trivy, flux-helm-controller, rancher-fleet, chart-testing, helm-docs, flux, linkerd2, kots, helm-operator, pluto, helm-set-status, kargo, eksctl, trivy-operator,...
GHSA-F9F8-9PMF-XV68 vulnerabilities
Vulnerabilities for packages: k8ssandra-client, k9s, kubescape, cilium-cli, flux-source-controller, chartmuseum, helm-push, nova, trivy, flux-helm-controller, rancher-fleet, chart-testing, helm-docs, flux, linkerd2, kots, helm-operator, pluto, helm-set-status, kargo, eksctl, trivy-operator,...
GHSA-9H84-QMV7-982P vulnerabilities
Vulnerabilities for packages: k8ssandra-client, k9s, kubescape, cilium-cli, flux-source-controller, chartmuseum, helm-push, nova, trivy, flux-helm-controller, rancher-fleet, chart-testing, helm-docs, flux, linkerd2, kots, helm-operator, pluto, helm-set-status, kargo, eksctl, trivy-operator,...
CVE-2025-32387 vulnerabilities
Vulnerabilities for packages: helm-docs, chartmuseum-fips, eksctl, helm-operator-fips, tw, k9s, cloudbeat-fips, kubescape, chartmuseum, cert-manager-cmctl, k8ssandra-client-fips, trivy, cert-manager, helm-push, flux-helm-controller, cluster-api-helm-controller, harbor, flux-helm-controller-fips,...
CVE-2025-32386 vulnerabilities
Vulnerabilities for packages: helm-docs, chartmuseum-fips, eksctl, helm-operator-fips, tw, k9s, cloudbeat-fips, kubescape, chartmuseum, cert-manager-cmctl, k8ssandra-client-fips, trivy, cert-manager, helm-push, flux-helm-controller, cluster-api-helm-controller, harbor, flux-helm-controller-fips,...