75 matches found
Kubernetes Dashboard <1.10.1 - Authentication Bypass
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: argo-workflows-fips, fscrypt, external-dns, flux-source-controller, loki, flux-image-automation-controller, kots, frankenphp-8.2, terraform, prometheus-fips, gitlab-kas, tekton-pipelines-fips, reports-server, prometheus-elasticsearch-exporter, seaweedfs-rocksdb-fips,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: aactl, rancher-machine, telegraf, crossplane-provider-aws-sns, crossplane-provider-aws-eks, fscrypt, step-issuer, external-dns, containerd, gptscript, cluster-api-azure-controller, cilium-cli, kaf, cosign, src, trivy, k3s, ko, cloudflared, teleport, sealed-secrets,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: cloud-provider-aws, knative-serving, aactl, kubernetes, flux-image-automation-controller, gitea, kots, minio, zarf, kyverno, argo-cd, zot, kubescape, istio, kubernetes-dashboard, telegraf, fscrypt, gitlab-kas, external-dns, snyk-cli, containerd,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: aactl, rancher-machine, telegraf, step-issuer, fscrypt, external-dns, containerd, gptscript, cluster-api-azure-controller, cilium-cli, kaf, cosign, trivy, k3s, ko, teleport, tflint, gomplate, loki, melange, crossplane-provider-azure-authorization, dagger, gitea,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: cloud-provider-aws, dagger, aactl, knative-serving, kubernetes, flux-image-automation-controller, gitea, kots, minio, scorecard, terragrunt, wolfictl, kyverno, zarf, argo-cd, zot, opentofu, kubescape, pulumi-language-yaml, istio, kubernetes-dashboard, telegraf, apko,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: cloud-provider-aws, knative-serving, aactl, kubernetes, flux-image-automation-controller, gitea, kots, minio, zarf, kyverno, argo-cd, zot, docker-machine-driver-harvester, kubescape, istio, kubernetes-dashboard, telegraf, fscrypt, gitlab-kas, external-dns, snyk-cli,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: cloud-provider-aws, knative-serving, aactl, kubernetes, kots, minio, kyverno, argo-cd, zot, istio, kubernetes-dashboard, telegraf, buildah, fscrypt, gitlab-kas, external-dns, snyk-cli, containerd, opentelemetry-collector, prometheus-operator, vitess, cert-manager,...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: cloud-provider-aws, knative-serving, aactl, kubernetes, kots, minio, kyverno, argo-cd, zot, opentofu, istio, kubernetes-dashboard, telegraf, buildah, fscrypt, gitlab-kas, external-dns, snyk-cli, containerd, opentelemetry-collector, prometheus-operator, vitess,...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: terraform-provider-azapi-fips, blob-csi-fips, kserve-localmodelnode-agent-fips, aws-otel-collector-fips, net-kourier, grype-db, terraform-provider-google, cadvisor-fips, kubernetes-csi-external-attacher-fips, kubernetes-dashboard-api-fips, helm-fips,...
CLEANSTART-2026-MX15076 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.7.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-web package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-KL61187 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 7.14.0-r0, 7.14.0-r1
Multiple security vulnerabilities affect the kubernetes-dashboard package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-IW91368 Security fixes for CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 7.14.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: cilium-envoy, gitlab-pages, cloud-provider-aws, knative-serving, aactl, kubernetes, gitaly, k8s-device-plugin, kots, kyverno, kube-arangodb, argo-cd, kube-fluentd-operator, newrelic-fluent-bit-output, zot, gatekeeper, aws-flb-firehose, kubescape, knative-eventing,...
GHSA-XJ38-JXC5-RPPX vulnerabilities
Vulnerabilities for packages: cilium-envoy, gitlab-pages, cloud-provider-aws, knative-serving, aactl, kubernetes, gitaly, k8s-device-plugin, kots, kyverno, kube-arangodb, argo-cd, kube-fluentd-operator, newrelic-fluent-bit-output, zot, gatekeeper, aws-flb-firehose, kubescape, knative-eventing,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: cilium-envoy, grafana-mimir, aactl, cluster-autoscaler, kyverno-policy-reporter-ui, envoy-gateway, amazon-cloudwatch-agent-operator, rancher-machine, seaweedfs, spegel, step-ca, falco-exporter, cert-manager-csi-driver, kubernetes-csi-node-driver-registrar, telegraf,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: aactl, kyverno-policy-reporter-ui, yunikorn-web, envoy-gateway, spegel, telegraf, datadog-agent, k8ssandra-operator, chart-testing, certificate-transparency, dgraph, kube-bench, newrelic-nri-statsd, crossplane, pguser, cilium-cli, runc, ko, dataplaneapi,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: cilium-envoy, grafana-mimir, aactl, cluster-autoscaler, kyverno-policy-reporter-ui, envoy-gateway, amazon-cloudwatch-agent-operator, rancher-machine, seaweedfs, spegel, step-ca, falco-exporter, cert-manager-csi-driver, kubernetes-csi-node-driver-registrar, telegraf,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: aactl, kyverno-policy-reporter-ui, yunikorn-web, envoy-gateway, spegel, telegraf, datadog-agent, k8ssandra-operator, chart-testing, certificate-transparency, dgraph, kube-bench, smarter-device-manager, kubernetes-csi-driver-hostpath, newrelic-nri-statsd, crossplane,...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: flux-source-watcher, mountpoint-s3-csi-driver, flux-source-controller, clickhouse-operator, victoriametrics-cluster, atlas-fips, actions-runner-controller, flux-image-automation-controller, stakater-reloader, victoriametrics, volume-modifier-for-k8s-fips,...