CVE-2026-35469
A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Servi...
GHSA-M4PR-4J3G-9V7V vulnerabilities
Vulnerabilities for packages: wal-g, litestream, mesosphere-vsphere-csi, thanos-operator, nats, helm-set-status, flux-helm-controller, maru, harbor-scanner-trivy, kafka-proxy, nri-apache, helm-push, argo-cd, boring-registry, docker-credential-acr-env, gitness, wave, gobuster,...
GHSA-H355-32PF-P2XM vulnerabilities
Vulnerabilities for packages: wal-g, litestream, mesosphere-vsphere-csi, thanos-operator, nats, flux-helm-controller, maru, harbor-scanner-trivy, fulcio, kafka-proxy, nri-apache, argo-cd, boring-registry, docker-credential-acr-env, gitness, tempo, gobuster, wave, mongodb-kubernetes-operator, xeol...
GHSA-G9Q4-QJX4-2V7Q vulnerabilities
Vulnerabilities for packages: beats-fips, kine, vendir-fips, localstack, thanos-operator, helm-set-status, packer-fips, kubo, cert-manager-cmctl, k3s, aws-flb-kinesis-fips, headlamp, vale, k9s-fips, flux-kustomize-controller-fips, kubernetes-dashboard-api, conftest, gitlab-rails-ce,...
CVE-2025-47910 vulnerabilities
Vulnerabilities for packages: cis-operator, tempo, swagger, thanos-operator, helm-set-status, trivy, kubernetes-csi-external-health-monitor, k3s, portieris, wgcf, ip-masq-agent, headlamp, kubecolor, nri-apache, kubernetes-dashboard-api, conftest, helm-push, controller-gen, kubernetes-dashboard,...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: trust-manager, hello-world-golang, helm-set-status, flux-helm-controller, harbor-scanner-trivy, fulcio, helm-push, argo-cd, boring-registry, gitness, xeol, docker-cli, lazygit, nri-postgresql, glow, smarter-device-manager, cloud-sql-proxy, apko, nri-cassandra, swagge...
CVE-2025-47907 vulnerabilities
Vulnerabilities for packages: prometheus-postgres-exporter, beats-fips, helm-set-status, jaeger-operator-fips, kubo, openfga, velero-fips, aws-flb-kinesis-fips, kyverno-policy-reporter, ip-masq-agent, cert-manager-csi-driver-fips, apache-exporter, kubecolor, aws-otel-collector-fips, mods,...
CVE-2025-30204 vulnerabilities
Vulnerabilities for packages: crossplane-provider-azure-authorization, terraform-provider-azapi-fips, beats-fips, kine, tempo, velero-plugin-for-microsoft-azure-fips, tkn-fips, trivy, openfga, flyte, k3s, cluster-autoscaler, velero-fips, amazon-cloudwatch-agent-operator-fips, buildkitd-fips,...
GHSA-CRQM-PWHX-J97F vulnerabilities
Vulnerabilities for packages: prometheus-postgres-exporter, kustomize-fips, terraform-provider-aws, apache-beam-java-sdk, velero-fips, aws-flb-kinesis-fips, kyverno-policy-reporter, ip-masq-agent, src-fingerprint, spqr, kubecolor, crane, crossplane, nri-apache, distribution, controller-gen, mods,...
CVE-2024-34156 vulnerabilities
Vulnerabilities for packages: prometheus-postgres-exporter, kustomize-fips, terraform-provider-aws, apache-beam-java-sdk, velero-fips, aws-flb-kinesis-fips, kyverno-policy-reporter, ip-masq-agent, src-fingerprint, spqr, kubecolor, crane, crossplane, nri-apache, distribution, controller-gen, mods,...
kubernetes: Bearer tokens written to logs at high verbosity levels (>= 7)
The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components such as kube-apiserver prior to v1.16.0, which make use of basic or bearer token authentication, and run ...
CVE-2019-11250
The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components such as kube-apiserver prior to v1.16.0, which make use of basic or bearer token authentication, and run ...