32 matches found
GHSA-XHF5-7WJV-PQXP vulnerabilities
Vulnerabilities for packages: cluster-api-helm-controller-fips, syft, kubescape-operator, helm-push, neuvector-fips, docker-fips, gatekeeper, kgateway, fuse-overlayfs-snapshotter, docker, trivy-fips, amazon-ecs-agent-fips, neuvector, rancher-agent, dagger, newrelic-infrastructure-agent, grype,...
CLEANSTART-2026-CL67452 Security fixes for CVE-2025-47912, CVE-2025-58183, CVE-2025-58185, CVE-2025-58186, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27140, CVE-2026-27143, CVE-2026-27144, CVE-2026-27145, CVE-2026-29181, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-33811, CVE-2026-33814, CVE-2026-35206, CVE-2026-35469, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-39883, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42504, CVE-2026-42506, CVE-2026-42507, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, CVE-2026-46680, ghsa-fqw6-gf59-qr4w, ghsa-hfvc-g4fc-pqhx, ghsa-hr2v-4r36-88hr, ghsa-mh2q-q3fh-2475, ghsa-pc3f-x583-g7j2 applied in versions: 1.41.1-r0, 1.41.1-r1, 1.42.2-r0, 1.42.2-r1
Multiple security vulnerabilities affect the helm-operator package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-HR2V-4R36-88HR vulnerabilities
Vulnerabilities for packages: helm-mapkubeapis, envoy-gateway, trivy, linkerd2, rancher-fleet, zot, k8ssandra-client, tigera-operator, istio, harbor, cert-manager-cmctl, cluster-api-helm-controller, cilium-cli, flux, tw, teleport, helm-push, kube-arangodb, headlamp, chartmuseum, k9s, kubescape,...
CVE-2026-35206 vulnerabilities
Vulnerabilities for packages: helm-mapkubeapis, envoy-gateway, trivy, linkerd2, rancher-fleet, zot, k8ssandra-client, tigera-operator, istio, harbor, cert-manager-cmctl, cluster-api-helm-controller, cilium-cli, flux, tw, teleport, helm-push, kube-arangodb, headlamp, chartmuseum, k9s, kubescape,...
GHSA-HR2V-4R36-88HR vulnerabilities
Vulnerabilities for packages: cluster-api-helm-controller-fips, teleport, cert-manager-cmctl-fips, cluster-api-helm-controller, eksctl, flux-source-controller, rancher-fleet, helm-exporter, kube-arangodb, helm-push, k8ssandra-client-fips, helm-set-status, linkerd2, zarf-fips, flux-fips,...
CLEANSTART-2026-PM59896 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729 applied in versions: 1.41.1-r0, 1.41.1-r1
Multiple security vulnerabilities affect the helm-operator package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-P77J-4MVH-X3M3 vulnerabilities
Vulnerabilities for packages: traefik, guac, flux-image-automation-controller, linkerd2, dagdotdev, k3s, terraform-provider-random, volume-modifier-for-k8s, sftpgo-plugin-geoipfilter, trillian, multus-cni, jitsucom-bulker, migrate, gcp-compute-persistent-disk-csi-driver, policy-controller,...
CVE-2026-33186 vulnerabilities
Vulnerabilities for packages: traefik, guac, flux-image-automation-controller, linkerd2, dagdotdev, k3s, terraform-provider-random, volume-modifier-for-k8s, sftpgo-plugin-geoipfilter, trillian, multus-cni, jitsucom-bulker, migrate, gcp-compute-persistent-disk-csi-driver, policy-controller,...
CLEANSTART-2026-NS41924 Within HostnameError
Multiple security vulnerabilities affect the helm-operator package. Within HostnameError. See references for individual vulnerability details...
CLEANSTART-2026-TS12850 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-RD08428 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CVE-2025-55199 vulnerabilities
Vulnerabilities for packages: helm-mapkubeapis, envoy-gateway, trivy, linkerd2, rancher-fleet, zot, k8ssandra-client, istio, harbor, cert-manager-cmctl, cluster-api-helm-controller, cilium-cli, flux-helm-controller, flux, tw, teleport, helm-push, kube-arangodb, headlamp, chartmuseum, kargo, k9s,...
CVE-2025-55198 vulnerabilities
Vulnerabilities for packages: helm-mapkubeapis, envoy-gateway, trivy, linkerd2, rancher-fleet, zot, k8ssandra-client, istio, harbor, cert-manager-cmctl, cluster-api-helm-controller, cilium-cli, flux-helm-controller, flux, teleport, helm-push, kube-arangodb, headlamp, chartmuseum, kargo, k9s,...
GHSA-F9F8-9PMF-XV68 vulnerabilities
Vulnerabilities for packages: helm-mapkubeapis, envoy-gateway, trivy, linkerd2, rancher-fleet, zot, k8ssandra-client, istio, harbor, cert-manager-cmctl, cluster-api-helm-controller, cilium-cli, flux-helm-controller, flux, teleport, helm-push, kube-arangodb, headlamp, chartmuseum, kargo, k9s,...
GHSA-9H84-QMV7-982P vulnerabilities
Vulnerabilities for packages: helm-mapkubeapis, envoy-gateway, trivy, linkerd2, rancher-fleet, zot, k8ssandra-client, istio, harbor, cert-manager-cmctl, cluster-api-helm-controller, cilium-cli, flux-helm-controller, flux, tw, teleport, helm-push, kube-arangodb, headlamp, chartmuseum, kargo, k9s,...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: beats-fips, src, conftest, argo-events-fips, mc, neuvector-fips, aws-sigv4-proxy, gatekeeper, chart-testing-fips, cass-operator, grafana, kubernetes-csi-external-provisioner, bazelisk, flux-image-automation-controller, cerbos, aws-flb-firehose, loki, gomplate,...
CVE-2025-32387 vulnerabilities
Vulnerabilities for packages: zot, k8ssandra-client, cert-manager-cmctl, cluster-api-helm-controller, cilium-cli, flux-helm-controller, flux, tw, helm-push, rancher-helm, chartmuseum, k9s, kubescape, eksctl, pluto, flux-source-controller, consul-k8s, kots, zarf, helm-operator, helm-docs, trivy,...
GHSA-4HFP-H4CW-HJ8P vulnerabilities
Vulnerabilities for packages: zot, k8ssandra-client, cert-manager-cmctl, cluster-api-helm-controller, cilium-cli, flux-helm-controller, flux, tw, helm-push, rancher-helm, chartmuseum, k9s, kubescape, eksctl, pluto, flux-source-controller, consul-k8s, kots, zarf, helm-operator, helm-docs, trivy,...
CVE-2025-32386 vulnerabilities
Vulnerabilities for packages: zot, k8ssandra-client, cert-manager-cmctl, cluster-api-helm-controller, cilium-cli, flux-helm-controller, flux, tw, helm-push, rancher-helm, chartmuseum, k9s, kubescape, eksctl, pluto, flux-source-controller, consul-k8s, kots, zarf, helm-operator, helm-docs, trivy,...
GHSA-5XQW-8HWV-WG92 vulnerabilities
Vulnerabilities for packages: zot, k8ssandra-client, cert-manager-cmctl, cluster-api-helm-controller, cilium-cli, flux-helm-controller, flux, tw, helm-push, rancher-helm, chartmuseum, k9s, kubescape, eksctl, pluto, flux-source-controller, consul-k8s, kots, zarf, helm-operator, helm-docs, trivy,...