514 matches found
GHSA-GJ48-438W-JH9V vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server...
GHSA-8RFP-98V4-MMR6 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server...
GHSA-8RFP-98V4-MMR6 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server...
GHSA-GJ48-438W-JH9V vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server...
GHSA-F38Q-MGVJ-VPH7 vulnerabilities
Vulnerabilities for packages: vitess, kubeflow-centraldashboard, jitsucom-jitsu, langfuse-fips, langfuse, pulumi, cadence-web, kibana...
CVE-2026-54269 vulnerabilities
Vulnerabilities for packages: vitess, kubeflow-centraldashboard, jitsucom-jitsu, langfuse-fips, langfuse, pulumi, cadence-web, kibana...
GHSA-F38Q-MGVJ-VPH7 vulnerabilities
Vulnerabilities for packages: langfuse, jitsucom-jitsu, kubeflow-centraldashboard, vitess, pulumi...
CVE-2026-12143 vulnerabilities
Vulnerabilities for packages: langfuse, jitsucom-jitsu, kubeflow-pipelines, saf, kubeflow-centraldashboard...
CVE-2026-54269 vulnerabilities
Vulnerabilities for packages: langfuse, jitsucom-jitsu, kubeflow-centraldashboard, vitess, pulumi...
GHSA-HMW2-7CC7-3QXX vulnerabilities
Vulnerabilities for packages: langfuse, jitsucom-jitsu, kubeflow-pipelines, saf, kubeflow-centraldashboard...
GHSA-G7R4-M6W7-QQQR vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines...
GHSA-GV7W-RQVM-QJHR vulnerabilities
Vulnerabilities for packages: vitess, kubeflow-pipelines, langfuse-fips, renovate, argo-workflows, langfuse, vite...
GHSA-GV7W-RQVM-QJHR vulnerabilities
Vulnerabilities for packages: renovate, kubeflow-pipelines, vite, argo-workflows, vitess...
GHSA-G7R4-M6W7-QQQR vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines...
CVE-2026-31229
The Adversarial Robustness Toolbox ART thru 1.20.1 contains an insecure deserialization vulnerability CWE-502 in its Kubeflow component's model loading functionality. When loading model weights from a file e.g., model.pt during robustness evaluation, the code uses torch.load without the...
CVE-2026-31230
The Adversarial Robustness Toolbox ART thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component robustnessevaluationfgsmpytorch.py. The script uses the unsafe eval function to parse string values provided via the --clipvalues and --inputshape command-line...
CVE-2026-31228
The Adversarial Robustness Toolbox ART thru 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval function to dynamically evaluate user-supplied strings for the LossFn and Optimizer parameters...
CVE-2026-34993 vulnerabilities
Vulnerabilities for packages: kubeflow-katib, dask-kubernetes, open-webui, airflow, checkov...
GHSA-JG22-MG44-37J8 vulnerabilities
Vulnerabilities for packages: kubeflow-katib, dask-kubernetes, open-webui, airflow, checkov...
CVE-2026-47265 vulnerabilities
Vulnerabilities for packages: kubeflow-katib, dask-kubernetes, open-webui, airflow, checkov...