31 matches found
CVE-2026-50010 vulnerabilities
Vulnerabilities for packages: opensearch, kayenta-fips, solr, kayenta, docker-selenium, elasticsearch, elasticsearch-fips, cassandra, druid, management-api-for-apache-cassandra-5.0, spark-kubernetes-operator, spark-kubernetes-operator-fips, pinot-fips, spark, kserve-modelmesh...
CVE-2026-50020 vulnerabilities
Vulnerabilities for packages: wildfly, management-api-for-apache-cassandra-5.0, spark, kserve-modelmesh, opensearch, docker-selenium...
CVE-2026-50560 vulnerabilities
Vulnerabilities for packages: management-api-for-apache-cassandra-5.0, spark, docker-selenium, kserve-modelmesh...
GHSA-HVCG-QMG6-JM4C vulnerabilities
Vulnerabilities for packages: wildfly, management-api-for-apache-cassandra-5.0, spark, kserve-modelmesh, opensearch, docker-selenium...
GHSA-563Q-J3CM-6JXM vulnerabilities
Vulnerabilities for packages: management-api-for-apache-cassandra-5.0, spark, docker-selenium, kserve-modelmesh...
CVE-2026-50010 vulnerabilities
Vulnerabilities for packages: solr, management-api-for-apache-cassandra-5.0, spark, kserve-modelmesh, opensearch, druid, docker-selenium, cassandra...
GHSA-C653-97M9-RCG9 vulnerabilities
Vulnerabilities for packages: solr, management-api-for-apache-cassandra-5.0, spark, kserve-modelmesh, opensearch, druid, docker-selenium, cassandra...
CLEANSTART-2026-PK73499 Security fixes for CVE-2026-5588, CVE-2026-5598, ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4cx2-fc23-5wg6, ghsa-4g8c-wm8x-jfhw, ghsa-735f-pc8j-v9w8, ghsa-c3fc-8qff-9hwx, ghsa-fghv-69vj-qj49, ghsa-p93r-85wp-75v3, ghsa-prj3-ccx8-p6x4, ghsa-wg6q-6289-32hp, ghsa-xq3w-v528-46rv applied in versions: 0.12.0-r16, 0.9.0-r1
Multiple security vulnerabilities affect the kserve-modelmesh package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-EZ90321 Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS (PTR) when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper s...
Multiple security vulnerabilities affect the kserve-modelmesh package. Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS PTR when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper servers or clients with a valid...
CLEANSTART-2026-QG74410 Security fixes for ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4cx2-fc23-5wg6, ghsa-4g8c-wm8x-jfhw, ghsa-735f-pc8j-v9w8, ghsa-fghv-69vj-qj49, ghsa-prj3-ccx8-p6x4, ghsa-xq3w-v528-46rv applied in versions: 0.12.0-r16
Multiple security vulnerabilities affect the kserve-modelmesh package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: cert-manager, kpt, opentelemetry-operator, dgraph, splunk-otel-collector, flux-notification-controller, docker-cli, libnvidia-container, cortex, kubernetes-csi-driver-nfs, falco-exporter, sftpgo, secrets-store-csi-driver, sftpgo-plugin-eventsearch, falcoctl,...
CLEANSTART-2026-AA51484 Security fixes for ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4cx2-fc23-5wg6, ghsa-4g8c-wm8x-jfhw, ghsa-735f-pc8j-v9w8, ghsa-fghv-69vj-qj49, ghsa-prj3-ccx8-p6x4, ghsa-xq3w-v528-46rv applied in versions: 0.12.0-r16
Multiple security vulnerabilities affect the kserve-modelmesh package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-DP55969 Security fixes for ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4cx2-fc23-5wg6, ghsa-4g8c-wm8x-jfhw, ghsa-735f-pc8j-v9w8, ghsa-fghv-69vj-qj49, ghsa-prj3-ccx8-p6x4, ghsa-xq3w-v528-46rv applied in versions: 0.12.0-r16
Multiple security vulnerabilities affect the kserve-modelmesh package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-OZ32100 Security fixes for ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4cx2-fc23-5wg6, ghsa-4g8c-wm8x-jfhw, ghsa-735f-pc8j-v9w8, ghsa-fghv-69vj-qj49, ghsa-prj3-ccx8-p6x4, ghsa-xq3w-v528-46rv applied in versions: 0.12.0-r16
Multiple security vulnerabilities affect the kserve-modelmesh package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-25QH-J22F-PWP8 vulnerabilities
Vulnerabilities for packages: trino, apache-nifi-registry, management-api-for-apache-cassandra-5.0, nextflow, kserve-modelmesh, sonar-scanner-cli, akhq, thingsboard, apache-nifi, cassandra-reaper, cassandra, dependency-track, zookeeper...
CVE-2025-11226 vulnerabilities
Vulnerabilities for packages: trino, apache-nifi-registry, management-api-for-apache-cassandra-5.0, nextflow, kserve-modelmesh, sonar-scanner-cli, akhq, thingsboard, apache-nifi, cassandra-reaper, cassandra, dependency-track, zookeeper...
GHSA-25QH-J22F-PWP8 vulnerabilities
Vulnerabilities for packages: knative-kafka-broker-fips, cassandra-reaper, nacos, management-api-for-apache-cassandra-4.0, apache-nifi, knative-kafka-broker, kayenta, management-api-for-apache-cassandra-5.0, zookeeper, zookeeper-fips, akhq, management-api-for-apache-cassandra-4.1, nacos-docker,...
CVE-2025-11226 vulnerabilities
Vulnerabilities for packages: knative-kafka-broker-fips, cassandra-reaper, nacos, management-api-for-apache-cassandra-4.0, apache-nifi, knative-kafka-broker, kayenta, management-api-for-apache-cassandra-5.0, zookeeper, zookeeper-fips, akhq, management-api-for-apache-cassandra-4.1, nacos-docker,...
EUVD-2025-31743
Malicious code in bioql PyPI...
CVE-2025-57852
A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a...