19 matches found
GHSA-JPCC-P29G-P8MQ vulnerabilities
Vulnerabilities for packages: kaniko, docker-compose-fips, kots, kubescape, helm, amazon-ecs-agent, kube-mgmt, envoy-gateway-fips, helm-push, trivy-operator-fips, wolfictl, packer-fips, steampipe, chaos-mesh, crossplane, gitlab-rails-ce-fips, neuvector-scanner-fips, manifest-tool, chartmuseum-fip...
GHSA-XHF5-7WJV-PQXP vulnerabilities
Vulnerabilities for packages: kaniko, docker-compose-fips, kots, kubescape, helm, amazon-ecs-agent, kube-mgmt, envoy-gateway-fips, helm-push, trivy-operator-fips, wolfictl, packer-fips, steampipe, chaos-mesh, crossplane, gitlab-rails-ce-fips, neuvector-scanner-fips, manifest-tool, chartmuseum-fip...
CLEANSTART-2026-PF41398 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121 applied in versions: 3.19.0-r0, 3.19.5-r0, 4.0.1-r0
Multiple security vulnerabilities affect the helm-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-UJ10620 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121, CVE-2026-1229, ghsa-q9hv-hpm4-hj6x applied in versions: 3.19.0-r0, 4.0.1-r0, 4.0.5-r0, 4.0.5-r1
Multiple security vulnerabilities affect the helm-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-OT07577 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229 applied in versions: 3.19.0-r0, 4.0.1-r0, 4.1.0-r0
Multiple security vulnerabilities affect the helm-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: cerbos, ratify, argocd-image-updater, crossplane-provider-keycloak, kots, kubescape, helm, crossplane-provider-aws-sns, crossplane-provider-aws-rds, helm-push, crossplane-provider-azure-authorization, omni-fips, trivy-operator-fips, wolfictl, hydra-fips, q,...
CLEANSTART-2026-VZ85637 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-IG94553 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-UR80185 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-FS64938 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-HX78047 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-JR37040 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-TL71584 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-EL98016 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-GS02052 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
GHSA-V778-237X-GJRC vulnerabilities
Vulnerabilities for packages: trust-manager, kaniko, rekor, kubeflow-katib, cfssl-fips, docker-credential-acr-env, kaf, kubernetes-dashboard-api, tkn, kubeflow-pipelines, oauth2-proxy, packer-fips, prometheus-node-exporter, amazon-cloudwatch-agent, prometheus-alertmanager,...
CVE-2024-24791 vulnerabilities
Vulnerabilities for packages: harbor-scanner-trivy-fips, trust-manager, logstash-exporter, kaniko, nodetaint, rekor, stern, docker-credential-acr-env, kaf, tkn, secrets-store-csi-driver-provider-aws, kubeflow-pipelines, aws-flb-cloudwatch, oauth2-proxy, cue-fips, prometheus-node-exporter,...
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: harbor-scanner-trivy-fips, trust-manager, logstash-exporter, kaniko, nodetaint, kubeflow-katib, rekor, stern, docker-credential-acr-env, kaf, tkn, secrets-store-csi-driver-provider-aws, aws-flb-cloudwatch, oauth2-proxy, cue-fips, prometheus-node-exporter,...
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: zarf, cert-manager-fips, cert-manager, cosign-fips, kots, kubeflow-katib, tekton-chains, up, kubescape, chartmuseum, ctop, flux, datadog-agent, helm, pulumi, loki, eksctl, cadvisor-fips, goreleaser, vexctl, helm-operator, buildkitd, kpt, trivy, aactl,...