75 matches found
Kubernetes Dashboard <1.10.1 - Authentication Bypass
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: rancher-agent, omnictl-multiarch-fips, trivy, frankenphp-8.2, gatekeeper-fips, loki, harbor-fips, argo-workflows-fips, k3s, kubescape, zarf, flux, chisel, cloudbeat, gitlab-rails-ce-fips, nemo, k9s-fips, kaf, prometheus-fips, opentofu-fips, argo-cd-fips, zitadel,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: wal-g, crossplane-provider-aws-dynamodb, scorecard, helm, glab, pulumi, buildah, guac, terragrunt, cilium, crossplane-provider-aws-rds, crossplane-provider-aws-eks, skaffold, k8sgpt, kubernetes-dashboard, crossplane-provider-aws-iam, kyverno, kine,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: fscrypt, external-dns, kaf, minio, helm, spire-server, istio, osv-scanner, trivy-operator, k3s, zarf, containerd, vitess, prometheus-operator, cilium, cert-manager, skaffold, flux, flux-source-controller, gitea, kubernetes-dashboard, mattermost, knative-serving,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: wal-g, scorecard, helm, glab, pulumi, buildah, guac, terragrunt, cilium, skaffold, k8sgpt, kubernetes-dashboard, kyverno, kine, crossplane-provider-azure-authorization, k9s, crossplane-provider-azure-managedidentity, kubernetes, podman, melange, nerdctl,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: fscrypt, external-dns, kaf, minio, helm, spire-server, docker-machine-driver-harvester, istio, osv-scanner, trivy-operator, k3s, zarf, containerd, vitess, prometheus-operator, cilium, cert-manager, skaffold, flux, flux-source-controller, gitea, kubernetes-dashboard,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: fscrypt, external-dns, kaf, minio, helm, spire-server, buildah, istio, k3s, containerd, vitess, prometheus-operator, cilium, cert-manager, flux, kubernetes-dashboard, mattermost, knative-serving, kyverno, telegraf, opentelemetry-collector, prometheus, kine, loki, kot...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: fscrypt, external-dns, kaf, minio, scorecard, helm, pulumi, spire-server, guac, istio, nfpm, k3s, osv-scanner, argo-events, containerd, terragrunt, vitess, zarf, nerdctl, prometheus-operator, cilium, cert-manager, grype, pulumi-language-java, skaffold, flux,...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: fscrypt, external-dns, kaf, minio, helm, spire-server, buildah, istio, k3s, containerd, vitess, prometheus-operator, cilium, cert-manager, flux, kubernetes-dashboard, mattermost, knative-serving, kyverno, telegraf, opentelemetry-collector, prometheus, kine, loki, kot...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, loki-fips, falcoctl, amazon-cloudwatch-agent-operator-fips, azurefile-csi-fips, loki, k3s, argo-rollouts-fips, kube-rbac-proxy, tkn-fips, gitlab-rails-ce-fips, linkerd2, helmfile, nemo, aws-eks-pod-identity-agent,...
CLEANSTART-2026-MX15076 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.7.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-web package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-KL61187 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 7.14.0-r0, 7.14.0-r1
Multiple security vulnerabilities affect the kubernetes-dashboard package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-IW91368 Security fixes for CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 7.14.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: fscrypt, external-dns, kaf, hubble, spire-server, grafana, istio, k3s, aws-flb-firehose, falco-no-driver, prometheus-operator, gitlab-pages, cilium, cert-manager, flux, kubernetes-dashboard, runc, gitaly, datadog-agent, fuse-overlayfs-snapshotter, knative-serving,...
GHSA-XJ38-JXC5-RPPX vulnerabilities
Vulnerabilities for packages: fscrypt, external-dns, kaf, hubble, spire-server, grafana, istio, k3s, aws-flb-firehose, falco-no-driver, prometheus-operator, gitlab-pages, cilium, cert-manager, flux, kubernetes-dashboard, runc, gitaly, datadog-agent, fuse-overlayfs-snapshotter, knative-serving,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: wal-g, scorecard, helm, knative-client, buildah, flux-helm-controller, grafana, aws-flb-firehose, rabbitmq-messaging-topology-operator, seaweedfs, prometheus-adapter, gcp-compute-persistent-disk-csi-driver, cilium, helm-mapkubeapis, timoni, volume-modifier-for-k8s,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: wal-g, scorecard, helm, knative-client, buildah, flux-helm-controller, grafana, aws-flb-firehose, rabbitmq-messaging-topology-operator, seaweedfs, prometheus-adapter, gcp-compute-persistent-disk-csi-driver, cilium, helm-mapkubeapis, timoni, volume-modifier-for-k8s,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: helm, liquibase-package-manager, seaweedfs, kafkaexporter, helm-mapkubeapis, kbld, harbor-cli, openbao-k8s, yunikorn-k8shim, cert-exporter, rqlite, kyverno, kubernetes-replicator, migrate, crossplane-provider-azure-managedidentity, cue, terraform-provider-pagerduty,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: helm, liquibase-package-manager, seaweedfs, kafkaexporter, helm-mapkubeapis, kbld, harbor-cli, openbao-k8s, yunikorn-k8shim, cert-exporter, rqlite, kyverno, kubernetes-replicator, migrate, crossplane-provider-azure-managedidentity, cue, terraform-provider-pagerduty,...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: kube-logging-logging-operator, grafana-operator-fips, dataplaneapi-fips, fluxcd-kustomize-mutating-webhook, aws-network-policy-agent, tailscale, flux, karpenter, kubernetes-dashboard-web-fips, nemo, external-secrets-operator, actions-runner-controller-fips,...