Lucene search
K

688 matches found

Chainguard
Chainguard
added 2026/06/26 8:22 p.m.6 views

GHSA-5CGQ-3RG8-M6CV vulnerabilities

Vulnerabilities for packages: vitess, mattermost, omnictl-multiarch-fips, argocd-image-updater, keda-fips, upwind-agent, mattermost-fips, flux, apply-cve-bump, harbor, omnictl-multiarch, loki, knative-kafka-broker-fips, prometheus-mongodb-exporter, gitlab-rails-ce, prometheus, istio,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.6 views

GHSA-45GG-VH54-H5M9 vulnerabilities

Vulnerabilities for packages: argocd-image-updater, kots, kubescape, helm, kaf, frankenphp-8.2, prometheus-mongodb-exporter, istio, trivy-operator-fips, cloud-provider-aws, commercial-grafana, kubernetes, osv-scanner, argo-workflows, calico-fips, gitlab-rails-ce-fips, traefik-fips, frankenphp-8.4...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.10 views

GHSA-X527-X647-Q7GG vulnerabilities

Vulnerabilities for packages: gitea, flux-image-automation-controller, external-dns, kubescape, knative-serving, kots, opentelemetry-collector, prometheus, argocd-image-updater, kine, snyk-cli, flux-source-controller, zot, istio, gitlab-kas, zarf, kaf, vitess, chisel, cilium, k9s, argo-cd,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.8 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: atlantis, flux-image-automation-controller, external-dns, pulumi-language-dotnet, flux-operator, witness, podman, kine, tekton-chains, flux-source-controller, zot, apko, sops, kaf, k8sgpt, cert-manager, loki, step, trivy-operator, kargo,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.10 views

GHSA-45GG-VH54-H5M9 vulnerabilities

Vulnerabilities for packages: gitea, docker-machine-driver-harvester, flux-image-automation-controller, external-dns, kubescape, knative-serving, kots, opentelemetry-collector, prometheus, argocd-image-updater, kine, snyk-cli, flux-source-controller, zot, istio, gitlab-kas, zarf, kaf, vitess,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.7 views

GHSA-78MQ-XCR3-XM33 vulnerabilities

Vulnerabilities for packages: gitea, flux-image-automation-controller, external-dns, kubescape, teleport, knative-serving, pulumi-language-dotnet, kots, witness, opentelemetry-collector, prometheus, argocd-image-updater, kine, grype, flux-source-controller, podman, apko, nuclei, snyk-cli, zot,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.6 views

GHSA-JPPX-RXG9-JMRX vulnerabilities

Vulnerabilities for packages: external-dns, teleport, knative-serving, kots, docker-cli-buildx, opentelemetry-collector, prometheus, podman, kine, snyk-cli, zot, istio, gitlab-kas, kaf, buildah, vitess, cilium, argo-cd, cert-manager, loki, containerd, cloud-provider-aws, spire-server, nerdctl,...

6.1AI score
Exploits0
OSV
OSV
added 2026/06/25 6:43 p.m.3 views

GO-2026-5363 Istio: SSRF via RequestAuthentication jwksUri in istio.io/istio

Istio: SSRF via RequestAuthentication jwksUri in istio.io/istio...

7.7CVSS5.8AI score0.00329EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 6:43 p.m.3 views

GO-2026-5289 Istio: AuthorizationPolicy serviceAccounts regex injection via unescaped dots in istio.io/istio

Istio: AuthorizationPolicy serviceAccounts regex injection via unescaped dots in istio.io/istio...

5.4CVSS5.8AI score0.00209EPSS
Exploits0References3
Chainguard
Chainguard
added 2026/06/23 8:16 a.m.8 views

GHSA-5WRP-CWCJ-Q835 vulnerabilities

Vulnerabilities for packages: k8s-agents-operator-fips, cluster-api-gcp-controller, kaniko, rekor, cert-manager-csi-driver-fips, gitlab-kas-fips, crossplane-provider-aws-kafka, tkn, crossplane-provider-azure-resources, envoy-gateway-fips, kubeflow-pipelines, opentelemetry-ebpf-instrumentation-fip...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:16 a.m.8 views

CVE-2026-41178 vulnerabilities

Vulnerabilities for packages: k8s-agents-operator-fips, cluster-api-gcp-controller, kaniko, rekor, cert-manager-csi-driver-fips, gitlab-kas-fips, crossplane-provider-aws-kafka, tkn, crossplane-provider-azure-resources, envoy-gateway-fips, kubeflow-pipelines, opentelemetry-ebpf-instrumentation-fip...

5.3CVSS6.1AI score0.00237EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/16 8:59 a.m.15 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.9

Red Hat OpenShift Service Mesh 3.1.9 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh 3.1....

7.5CVSS5.7AI score0.00815EPSS
Exploits1References2
OSV
OSV
added 2026/06/08 12:35 p.m.8 views

CLEANSTART-2026-YY48565 Security fixes for CVE-2025-15558, CVE-2026-24051, CVE-2026-27140, CVE-2026-27143, CVE-2026-27144, CVE-2026-27145, CVE-2026-29181, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-34986, CVE-2026-35469, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-39883, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42504, CVE-2026-42506, CVE-2026-42507, CVE-2026-42508, CVE-2026-46597, CVE-2026-46598, ghsa-78h2-9frx-2jm8, ghsa-9h8m-3fm2-qjrq, ghsa-hfvc-g4fc-pqhx, ghsa-mh2q-q3fh-2475, ghsa-p436-gjf2-799p, ghsa-p77j-4mvh-x3m3, ghsa-pc3f-x583-g7j2 applied in versions: 1.28.5-r0, 1.28.5-r1, 1.28.5-r2, 1.28.5-r3, 1.28.5-r4

Multiple security vulnerabilities affect the istio package. These issues are resolved in later releases. See references for individual vulnerability details...

9.8CVSS5.8AI score0.01557EPSS
Exploits3References102
OSV
OSV
added 2026/06/08 12:33 p.m.8 views

CLEANSTART-2026-BX78383 Security fixes for CVE-2025-15558, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27145, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-35469, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-40179, CVE-2026-42151, CVE-2026-42154, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42504, CVE-2026-42506, CVE-2026-42507, CVE-2026-42508, CVE-2026-44903, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-8rm2-7qqf-34qm, ghsa-fw8g-cg8f-9j28, ghsa-p436-gjf2-799p, ghsa-p77j-4mvh-x3m3, ghsa-vffh-x6r8-xx99, ghsa-wg65-39gg-5wfj applied in versions: 1.29.0-r0, 1.29.0-r1, 1.29.1-r0, 1.29.2-r0, 1.29.2-r1, 1.29.2-r2

Multiple security vulnerabilities affect the istio package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS7.3AI score0.01557EPSS
Exploits1References89
RedhatCVE
RedhatCVE
added 2026/05/25 11:26 p.m.14 views

CVE-2026-41413

A flaw was found in Istio. When a RequestAuthentication resource is created with a jwksUri JSON Web Key Set Uniform Resource Identifier that points to an internal service, istiod the Istio control plane daemon makes an unauthenticated HTTP GET request to that URL. This request does not properly...

7.7CVSS5.7AI score0.00329EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.9 views

PT-2026-42178

CVE-2026-47237 – Overly Permissive Istio Permissions Allow Kubeflow Authorization Token Stealing https://t.co/NYDWRfbN4F...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/18 1:55 p.m.8 views

CLEANSTART-2026-ID81656 Security fixes for CVE-2025-15558, CVE-2026-33186, ghsa-p436-gjf2-799p, ghsa-p77j-4mvh-x3m3 applied in versions: 1.29.0-r0, 1.29.0-r1, 1.29.1-r0

Multiple security vulnerabilities affect the istio package. These issues are resolved in later releases. See references for individual vulnerability details...

9.1CVSS6.8AI score0.01557EPSS
Exploits1References7
OSV
OSV
added 2026/05/18 1:20 p.m.12 views

CLEANSTART-2026-IS19112 Security fixes for CVE-2025-15558, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-34986, CVE-2026-39883, ghsa-78h2-9frx-2jm8, ghsa-hfvc-g4fc-pqhx, ghsa-p436-gjf2-799p, ghsa-p77j-4mvh-x3m3 applied in versions: 1.29.0-r0, 1.29.0-r1, 1.29.1-r0, 1.29.1-r1

Multiple security vulnerabilities affect the istio package. These issues are resolved in later releases. See references for individual vulnerability details...

9.8CVSS6.8AI score0.01557EPSS
Exploits2References29
Wolfi
Wolfi
added 2026/05/14 7:48 p.m.21 views

CVE-2026-44903 vulnerabilities

Vulnerabilities for packages: node-problem-detector, prometheus, datadog-agent, karma, minio, mc, jaeger, prometheus-pushgateway, keda, istio, trillian, cloud-sql-proxy, fluent-bit-plugin-loki, metrics-server, tempo, amazon-cloudwatch-agent-operator, loki, minio-object-browser,...

6.1CVSS6.1AI score0.00182EPSS
Exploits0
Chainguard
Chainguard
added 2026/05/14 7:17 p.m.16 views

CVE-2026-44903 vulnerabilities

Vulnerabilities for packages: certificate-transparency-fips, ld-relay, nrdot-collector-k8s, cloud-sql-proxy-fips, keda-fips, minio-fips, jaeger-fips, datadog-agent, jaeger, opentelemetry-operator-fips, loki, karma-fips, prometheus, istio-fips, amazon-cloudwatch-agent-operator-fips,...

6.1CVSS6.1AI score0.00182EPSS
Exploits0
Rows per page
Query Builder