36 matches found
CVE-2026-39821 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6
CVE-2026-39821 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6. A patched version of the package is available...
CVE-2026-42506 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6
CVE-2026-42506 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6. A patched version of the package is available...
CVE-2026-25681 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6
CVE-2026-25681 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6. A patched version of the package is available...
CVE-2026-42502 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6
CVE-2026-42502 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6. A patched version of the package is available...
CVE-2026-25680 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6
CVE-2026-25680 affecting package kube-vip-cloud-provider for versions less than 0.0.10-6. A patched version of the package is available...
CVE-2025-58190 affecting package kube-vip-cloud-provider for versions less than 0.0.10-5
CVE-2025-58190 affecting package kube-vip-cloud-provider for versions less than 0.0.10-5. A patched version of the package is available...
CVE-2025-47911 affecting package kube-vip-cloud-provider for versions less than 0.0.10-5
CVE-2025-47911 affecting package kube-vip-cloud-provider for versions less than 0.0.10-5. A patched version of the package is available...
CVE-2025-11065 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26
CVE-2025-11065 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26. A patched version of the package is available...
CVE-2025-30204 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26
CVE-2025-30204 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26. A patched version of the package is available...
AZL-77010 CVE-2025-58190 affecting package kube-vip-cloud-provider 0.0.10-4
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-75491 CVE-2025-11065 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26
A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...
CVE-2025-65637 affecting package kube-vip-cloud-provider for versions less than 0.0.2-24
CVE-2025-65637 affecting package kube-vip-cloud-provider for versions less than 0.0.2-24. A patched version of the package is available...
CVE-2025-47906 vulnerabilities
Vulnerabilities for packages: vexctl, nvidia-nsight-compute-12.9, newrelic-nri-statsd, nvidia-nsight-compute-13.1, checksec, cluster-autoscaler-fips, nats, secrets-store-csi-driver-provider-aws-fips, gostatsd, azuredisk-csi-fips, linkerd2-proxy-init, kubernetes-dashboard-fips, cloud-provider-aws,...
GHSA-GWRF-JF3H-W649 vulnerabilities
Vulnerabilities for packages: vexctl, nvidia-nsight-compute-12.9, newrelic-nri-statsd, nvidia-nsight-compute-13.1, checksec, cluster-autoscaler-fips, nats, secrets-store-csi-driver-provider-aws-fips, gostatsd, azuredisk-csi-fips, linkerd2-proxy-init, kubernetes-dashboard-fips, cloud-provider-aws,...
CVE-2025-22872 affecting package kube-vip-cloud-provider for versions less than 0.0.10-4
CVE-2025-22872 affecting package kube-vip-cloud-provider for versions less than 0.0.10-4. A patched version of the package is available...
AZL-60573 CVE-2025-22872 affecting package kube-vip-cloud-provider for versions less than 0.0.10-4
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...
CVE-2024-51744 affecting package kube-vip-cloud-provider for versions less than 0.0.2-22
CVE-2024-51744 affecting package kube-vip-cloud-provider for versions less than 0.0.2-22. A patched version of the package is available...
AZL-77517 CVE-2025-30204 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26
golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...
CVE-2025-27144 affecting package kube-vip-cloud-provider for versions less than 0.0.2-20
CVE-2025-27144 affecting package kube-vip-cloud-provider for versions less than 0.0.2-20. A patched version of the package is available...
CVE-2024-45338 affecting package kube-vip-cloud-provider for versions less than 0.0.10-3
CVE-2024-45338 affecting package kube-vip-cloud-provider for versions less than 0.0.10-3. A patched version of the package is available...