30 matches found
GHSA-HR2V-4R36-88HR vulnerabilities
Vulnerabilities for packages: flux, trivy-operator, cert-manager-cmctl, tw, cluster-api-helm-controller, zarf, helm-operator, flux-source-controller, cilium-cli, istio, trivy, consul-k8s, pluto, kots, cerbos, helm-mapkubeapis, chartmuseum, teleport, tigera-operator, envoy-gateway, k8ssandra-clien...
CVE-2026-35206 vulnerabilities
Vulnerabilities for packages: flux, trivy-operator, cert-manager-cmctl, tw, cluster-api-helm-controller, zarf, helm-operator, flux-source-controller, cilium-cli, istio, trivy, consul-k8s, pluto, kots, cerbos, helm-mapkubeapis, chartmuseum, teleport, tigera-operator, envoy-gateway, k8ssandra-clien...
GHSA-HR2V-4R36-88HR vulnerabilities
Vulnerabilities for packages: flux-source-controller, kubescape-server, cert-manager-cmctl, chartmuseum, pluto, tw, zarf, tigera-operator, headlamp-fips, rancher-fleet-fips, teleport, k9s, helm-diff, k8ssandra-client, chartmuseum-fips, cerbos-fips, flux, helm-push, helm-operator, headlamp,...
CLEANSTART-2026-PM59896 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729 applied in versions: 1.41.1-r0, 1.41.1-r1
Multiple security vulnerabilities affect the helm-operator package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-33186 vulnerabilities
Vulnerabilities for packages: cloudflared, step-ca, falcosidekick, cloud-provider-gcp-cloud-controller-manager, terragrunt, crossplane-provider-aws-cloudwatchlogs, crossplane-provider-aws-memorydb, kots, prometheus-adapter, xeol, k8sgateway, slsa-verifier, helm-mapkubeapis,...
GHSA-P77J-4MVH-X3M3 vulnerabilities
Vulnerabilities for packages: cloudflared, step-ca, falcosidekick, cloud-provider-gcp-cloud-controller-manager, terragrunt, crossplane-provider-aws-cloudwatchlogs, crossplane-provider-aws-memorydb, kots, prometheus-adapter, xeol, k8sgateway, slsa-verifier, helm-mapkubeapis,...
CLEANSTART-2026-NS41924 Within HostnameError
Multiple security vulnerabilities affect the helm-operator package. Within HostnameError. See references for individual vulnerability details...
CLEANSTART-2026-TS12850 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-RD08428 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CVE-2025-55199 vulnerabilities
Vulnerabilities for packages: kargo, flux, trivy-operator, cert-manager-cmctl, tw, cluster-api-helm-controller, zarf, helm-operator, flux-source-controller, cilium-cli, istio, trivy, consul-k8s, pluto, kots, cerbos, helm-mapkubeapis, chartmuseum, teleport, envoy-gateway, k8ssandra-client, linkerd...
CVE-2025-55198 vulnerabilities
Vulnerabilities for packages: kargo, flux, trivy-operator, cert-manager-cmctl, cluster-api-helm-controller, zarf, helm-operator, flux-source-controller, cilium-cli, istio, trivy, consul-k8s, pluto, kots, cerbos, helm-mapkubeapis, chartmuseum, teleport, envoy-gateway, k8ssandra-client, linkerd2,...
GHSA-F9F8-9PMF-XV68 vulnerabilities
Vulnerabilities for packages: kargo, flux, trivy-operator, cert-manager-cmctl, cluster-api-helm-controller, zarf, helm-operator, flux-source-controller, cilium-cli, istio, trivy, consul-k8s, pluto, kots, cerbos, helm-mapkubeapis, chartmuseum, teleport, envoy-gateway, k8ssandra-client, linkerd2,...
GHSA-9H84-QMV7-982P vulnerabilities
Vulnerabilities for packages: kargo, flux, trivy-operator, cert-manager-cmctl, tw, cluster-api-helm-controller, zarf, helm-operator, flux-source-controller, cilium-cli, istio, trivy, consul-k8s, pluto, kots, cerbos, helm-mapkubeapis, chartmuseum, teleport, envoy-gateway, k8ssandra-client, linkerd...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: sqlexporter, glow, openbao-fips, gpu-operator, docker-cli-fips, buildkitd, cass-operator, spark-operator-fips, vault-csi-provider, gosu, velero, external-secrets-operator, helm-fips, authservice, kubernetes-fips, docker-credential-gcr,...
CVE-2025-32387 vulnerabilities
Vulnerabilities for packages: flux, tw, cert-manager-cmctl, cluster-api-helm-controller, zarf, helm-operator, flux-source-controller, cilium-cli, trivy, rancher-helm, pluto, kots, chartmuseum, teleport, k8ssandra-client, chart-testing, helm-push, flux-helm-controller, k9s, zot, eksctl, helm-docs,...
GHSA-4HFP-H4CW-HJ8P vulnerabilities
Vulnerabilities for packages: flux, tw, cert-manager-cmctl, cluster-api-helm-controller, zarf, helm-operator, flux-source-controller, cilium-cli, trivy, rancher-helm, pluto, kots, chartmuseum, teleport, k8ssandra-client, chart-testing, helm-push, flux-helm-controller, k9s, zot, eksctl, helm-docs,...
CVE-2025-32386 vulnerabilities
Vulnerabilities for packages: flux, tw, cert-manager-cmctl, cluster-api-helm-controller, zarf, helm-operator, flux-source-controller, cilium-cli, trivy, rancher-helm, pluto, kots, chartmuseum, teleport, k8ssandra-client, chart-testing, helm-push, flux-helm-controller, k9s, zot, eksctl, helm-docs,...
GHSA-5XQW-8HWV-WG92 vulnerabilities
Vulnerabilities for packages: flux, tw, cert-manager-cmctl, cluster-api-helm-controller, zarf, helm-operator, flux-source-controller, cilium-cli, trivy, rancher-helm, pluto, kots, chartmuseum, teleport, k8ssandra-client, chart-testing, helm-push, flux-helm-controller, k9s, zot, eksctl, helm-docs,...
GHSA-4HFP-H4CW-HJ8P vulnerabilities
Vulnerabilities for packages: flux-source-controller, rancher-helm, cert-manager-cmctl, chartmuseum, pluto, tw, zarf, teleport, k9s, k8ssandra-client, chartmuseum-fips, flux, helm-push, helm-operator, kubescape, flux-helm-controller, eksctl, cloudbeat-fips, harbor, chart-testing,...
GHSA-5XQW-8HWV-WG92 vulnerabilities
Vulnerabilities for packages: flux-source-controller, rancher-helm, cert-manager-cmctl, chartmuseum, pluto, tw, zarf, teleport, k9s, k8ssandra-client, chartmuseum-fips, flux, helm-push, helm-operator, kubescape, flux-helm-controller, eksctl, cloudbeat-fips, harbor, chart-testing,...