CVE-2026-27141 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-ec2, pulumi, trivy-operator, sops, crossplane-provider-aws-firehose, kubo, crossplane-provider-aws-route53, harbor, crossplane-provider-aws-cloudformation, mattermost, timoni, traefik, external-dns, azure-service-operator, zarf, opa-envoy,...
GHSA-8FJ7-8H3W-XWFM vulnerabilities
Vulnerabilities for packages: flux-kustomize-controller-fips, crossplane-provider-aws-cognitoidentity, apache-beam-python-3.12-sdk, crossplane-provider-aws-servicediscovery, flux-source-watcher-fips, terraform-provider-grafana-fips, apm-server-fips, buildkite-agent-fips, gitlab-cng,...
CVE-2026-27141 vulnerabilities
Vulnerabilities for packages: flux-kustomize-controller-fips, crossplane-provider-aws-cognitoidentity, apache-beam-python-3.12-sdk, crossplane-provider-aws-servicediscovery, flux-source-watcher-fips, terraform-provider-grafana-fips, apm-server-fips, buildkite-agent-fips, gitlab-cng,...
CLEANSTART-2026-BH03809 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the kube-rbac-proxy-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-UJ17204 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the kube-rbac-proxy-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
EUVD-2019-13441
Malware in sbrugna...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: metallb-fips, thanos, apache-exporter, gosu-fips, gitlab-cng, prometheus-postgres-exporter, amazon-k8s-cni, gpu-operator, esbuild-fips, malcontent, cfssl, thanos-operator-fips, request-1279-14, opentofu, cilium-envoy, esbuild, spiffe-helper, descheduler-fips,...
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: petname, thanos, k8sgpt-operator, kind, stakater-reloader, kubernetes-csi-external-provisioner, pulumi, prometheus-operator, sbom-scorecard, nri-kafka, nri-apache, nri-memcached, vite, aws-load-balancer-controller, docker-cli, volume-modifier-for-k8s, nri-redis,...
Important: Red Hat Bug Fix Advisory: OpenShift Container Platform 4.6.15 bug fix update
Red Hat OpenShift Container Platform release 4.6.15 is now available with updates to packages and images that fix several bugs. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This...
CVE-2019-3818
The kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container Platform does not honor TLS configurations, allowing for use of insecure ciphers and TLS 1.0. An attacker could target traffic sent over a TLS connection with a weak configuration and potentially break the...
CVE-2019-3818
The CVE concerns kube-rbac-proxy (container) used in Red Hat OpenShift Container Platform. Affected: kube-rbac-proxy before version 0.4.1. Issue: TLS configurations are not honored, enabling insecure ciphers and TLS 1.0 usage. Impact: potential exposure of traffic to weak encryption; attacker cou...
Man-in-the-Middle (MitM)
kube-rbac-proxy is vulnerable to man-in-the-middle attacks. Insecure ciphers and TLS 1.0 are used to establish an SSL connection between the client and server, which would allow a remote attacker to exploit TLS vulnerabilities and perform man-in-the-middle attacks to sniff traffic containing...
CVE-2019-3818
The kube-rbac-proxy container, as used in Red Hat OpenShift Container Platform, does not honor TLS configurations, allowing for the use of insecure ciphers and TLS 1.0. An attacker could target traffic sent over a TLS connection with a weak configuration and potentially break the encryption of the...