146 matches found
CVE-2026-42506 affecting package keda for versions less than 2.14.1-13
CVE-2026-42506 affecting package keda for versions less than 2.14.1-13. A patched version of the package is available...
CVE-2026-27136 affecting package keda for versions less than 2.14.1-13
CVE-2026-27136 affecting package keda for versions less than 2.14.1-13. A patched version of the package is available...
CVE-2026-39821 affecting package keda for versions less than 2.14.1-13
CVE-2026-39821 affecting package keda for versions less than 2.14.1-13. A patched version of the package is available...
CVE-2026-35469 affecting package keda for versions less than 2.14.1-12
CVE-2026-35469 affecting package keda for versions less than 2.14.1-12. A patched version of the package is available...
CLEANSTART-2026-QS87161 Security fixes for CVE-2026-24051, CVE-2026-26958, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-33815, CVE-2026-33816, CVE-2026-34986, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-39882, CVE-2026-40179, CVE-2026-41889, CVE-2026-42151, CVE-2026-42154, CVE-2026-42499, CVE-2026-42501, CVE-2026-44903, ghsa-8rm2-7qqf-34qm, ghsa-9h8m-3fm2-qjrq, ghsa-9jj7-4m8r-rfcm, ghsa-fw7p-63qq-7hpr, ghsa-fw8g-cg8f-9j28, ghsa-j88v-2chj-qfwx, ghsa-p77j-4mvh-x3m3, ghsa-vffh-x6r8-xx99, ghsa-w8rr-5gcm-pp58, ghsa-wg65-39gg-5wfj, ghsa-xmrv-pmrh-hhx2 applied in versions: 2.19.0-r0, 2.19.0-r1, 2.19.0-r2, 2.19.0-r3
Multiple security vulnerabilities affect the keda package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-AP95632 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-33815, CVE-2026-33816, CVE-2026-34986, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-39882, CVE-2026-39883, CVE-2026-40179, CVE-2026-41889, CVE-2026-42151, CVE-2026-42154, CVE-2026-42499, CVE-2026-42501, CVE-2026-44903, ghsa-78h2-9frx-2jm8, ghsa-8rm2-7qqf-34qm, ghsa-9jj7-4m8r-rfcm, ghsa-fw8g-cg8f-9j28, ghsa-hfvc-g4fc-pqhx, ghsa-j88v-2chj-qfwx, ghsa-p77j-4mvh-x3m3, ghsa-vffh-x6r8-xx99, ghsa-w8rr-5gcm-pp58, ghsa-wg65-39gg-5wfj, ghsa-xmrv-pmrh-hhx2 applied in versions: 2.18.3-r3
Multiple security vulnerabilities affect the keda-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-41889 vulnerabilities
Vulnerabilities for packages: dapr, falcosidekick, wal-g, gitlab-cng, vault-fips, spicedb-fips, ldap2pg, seaweedfs, goose-fips, gitaly, rke2-cloud-provider, cloudnative-pg, sqlexporter-fips, caddy-fips, step, amass, openbao-fips, step-ca-fips, dapr-fips, openfga-fips, bento-fips, rke2-runtime-fip...
CVE-2026-41889 vulnerabilities
Vulnerabilities for packages: src, dapr, steampipe, flyte, kubeflow-pipelines, step, step-issuer, spqr, spire-server, rke2-cloud-provider, amass, ferretdb, certificate-transparency, opentelemetry-collector-contrib, gitness, sqlexporter, grafana, seaweedfs, telegraf, spicedb, temporal, kine, keda,...
GHSA-J88V-2CHJ-QFWX vulnerabilities
Vulnerabilities for packages: dapr, falcosidekick, wal-g, gitlab-cng, vault-fips, spicedb-fips, ldap2pg, seaweedfs, goose-fips, gitaly, rke2-cloud-provider, cloudnative-pg, sqlexporter-fips, caddy-fips, step, amass, openbao-fips, step-ca-fips, dapr-fips, openfga-fips, bento-fips, rke2-runtime-fip...
CLEANSTART-2026-OW78143 Security fixes for CVE-2025-68156, CVE-2026-24051, CVE-2026-26958, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-cfpf-hrx2-8rv6, ghsa-fw7p-63qq-7hpr, ghsa-p77j-4mvh-x3m3 applied in versions: 2.18.3-r0, 2.18.3-r1
Multiple security vulnerabilities affect the keda package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-JF28061 Security fixes for CVE-2026-24051, CVE-2026-26958, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-fw7p-63qq-7hpr, ghsa-p77j-4mvh-x3m3 applied in versions: 2.19.0-r0, 2.19.0-r1
Multiple security vulnerabilities affect the keda package. These issues are resolved in later releases. See references for individual vulnerability details...
Arbitrary File Read
github.com/kedacore/keda is vulnerable to Arbitrary File Read. The vulnerability is due to insufficient path validation when loading the Service Account Token from spec.hashiCorpVault.credential.serviceAccount, which allows an attacker with permission to create or modify a TriggerAuthentication...
CVE-2025-58190 affecting package keda for versions less than 2.14.1-11
CVE-2025-58190 affecting package keda for versions less than 2.14.1-11. A patched version of the package is available...
CVE-2025-11065 affecting package keda for versions less than 2.14.1-11
CVE-2025-11065 affecting package keda for versions less than 2.14.1-11. A patched version of the package is available...
CVE-2026-2303 affecting package keda for versions less than 2.14.1-11
CVE-2026-2303 affecting package keda for versions less than 2.14.1-11. A patched version of the package is available...
CVE-2025-47911 affecting package keda for versions less than 2.14.1-11
CVE-2025-47911 affecting package keda for versions less than 2.14.1-11. A patched version of the package is available...
CVE-2025-30204 affecting package keda for versions less than 2.4.0-32
CVE-2025-30204 affecting package keda for versions less than 2.4.0-32. A patched version of the package is available...
CVE-2025-11065 affecting package keda for versions less than 2.4.0-32
CVE-2025-11065 affecting package keda for versions less than 2.4.0-32. A patched version of the package is available...
CVE-2025-47911 affecting package keda for versions less than 2.4.0-32
CVE-2025-47911 affecting package keda for versions less than 2.4.0-32. A patched version of the package is available...
AZL-78123 CVE-2026-26958 affecting package keda 2.14.1-11
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If Point.MultiScalarMult i...