75 matches found
Kubernetes Dashboard <1.10.1 - Authentication Bypass
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: kuma, frankenphp-8.3, kube-arangodb-fips, prometheus-mongodb-exporter, kubernetes, gitea, kubescape-server, frankenphp-8.4, kubescape-server-fips, kyverno-fips, cloud-provider-aws, kyverno, chisel, coder-fips, gitlab-workhorse-ce-fips, osv-scanner,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: rootlesskit, neuvector-sigstore-interface, wolfictl, nerdctl, terragrunt, zot, pulumi-language-dotnet, nuclei, terraform-provider-azapi, cilium-cli, mods, step-issuer, chezmoi, cilium, glab, splunk-otel-collector, gh, crossplane-provider-aws-dynamodb,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: rootlesskit, neuvector-sigstore-interface, wolfictl, nerdctl, terragrunt, zot, pulumi-language-dotnet, nuclei, cilium-cli, mods, step-issuer, chezmoi, cilium, glab, splunk-otel-collector, gh, nfpm, opentelemetry-collector, snyk-cli, falcoctl, kubescape, flux-operator...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: flux, argocd-image-updater, istio, kots, prometheus-operator, minio, nerdctl, telegraf, zot, kaf, vitess, cilium-cli, knative-serving, helm, kine, prometheus, cilium, flux-image-automation-controller, loki, kubernetes-dashboard, cert-manager, opentelemetry-collector,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: buildah, flux, istio, kots, prometheus-operator, minio, nerdctl, telegraf, zot, kaf, podman, vitess, cilium-cli, knative-serving, helm, kine, prometheus, cilium, loki, kubernetes-dashboard, cert-manager, opentelemetry-collector, rancher-agent, kubernetes, teleport,...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: buildah, flux, istio, kots, prometheus-operator, minio, nerdctl, telegraf, zot, kaf, podman, vitess, cilium-cli, knative-serving, helm, kine, prometheus, cilium, loki, kubernetes-dashboard, cert-manager, opentelemetry-collector, rancher-agent, kubernetes, teleport,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: flux, argocd-image-updater, guac, istio, kots, prometheus-operator, minio, nerdctl, wolfictl, terragrunt, pulumi, telegraf, zot, kaf, podman, nuclei, pulumi-kubernetes-operator, pulumi-language-dotnet, vitess, cilium-cli, knative-serving, apko, helm, argo-events,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: flux, argocd-image-updater, istio, kots, prometheus-operator, minio, nerdctl, telegraf, zot, kaf, vitess, cilium-cli, knative-serving, helm, kine, prometheus, cilium, docker-machine-driver-harvester, flux-image-automation-controller, loki, kubernetes-dashboard,...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: chainloop-cli-fips, helm-operator-fips, stern, chainloop-artifact-cas, kyverno-fips, trust-manager, step-kms-plugin-fips, teleport, kube-rbac-proxy-fips, nrdot-collector-k8s, flux-image-automation-controller, authentik-fips, addon-resizer-fips,...
CLEANSTART-2026-MX15076 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.7.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-web package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-KL61187 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 7.14.0-r0, 7.14.0-r1
Multiple security vulnerabilities affect the kubernetes-dashboard package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-IW91368 Security fixes for CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 7.14.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-XJ38-JXC5-RPPX vulnerabilities
Vulnerabilities for packages: knative-eventing, flux, istio, kots, prometheus-operator, nerdctl, hubble, gitlab-pages, kube-fluentd-operator, telegraf, kaf, zot, cilium-cli, datadog-agent, grafana, knative-serving, ingress-nginx-controller, chezmoi, gitaly, kine, cilium, prometheus,...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: knative-eventing, flux, istio, kots, prometheus-operator, nerdctl, hubble, gitlab-pages, kube-fluentd-operator, telegraf, kaf, zot, cilium-cli, datadog-agent, grafana, knative-serving, ingress-nginx-controller, chezmoi, gitaly, kine, cilium, prometheus,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: grpcurl, kafka-proxy, sftpgo, terraform-docs, db-operator, jitsucom-bulker, nerdctl, zot, nuclei, descheduler, flux-helm-controller, terraform-provider-azapi, task, cilium-cli, yunikorn-k8shim, step-issuer, filebrowser, cluster-autoscaler, mcp-grafana, gitaly, cilium...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: sftpgo, jitsucom-bulker, nerdctl, s5cmd, vendir, kubewatch, terraform-provider-azapi, descheduler, rancher-webhook, task, ip-masq-agent, cluster-autoscaler, litefs, gostatsd, cilium, swagger, postgres-operator, kubernetes-csi-external-resizer, prometheus-adapter,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: grpcurl, kafka-proxy, sftpgo, terraform-docs, db-operator, jitsucom-bulker, nerdctl, zot, nuclei, descheduler, flux-helm-controller, terraform-provider-azapi, task, cilium-cli, yunikorn-k8shim, step-issuer, filebrowser, cluster-autoscaler, mcp-grafana, gitaly, cilium...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: sftpgo, jitsucom-bulker, nerdctl, s5cmd, vendir, kubewatch, terraform-provider-azapi, descheduler, rancher-webhook, task, ip-masq-agent, cluster-autoscaler, litefs, gostatsd, cilium, swagger, postgres-operator, kubernetes-csi-external-resizer, prometheus-adapter,...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: aws-eks-pod-identity-agent-fips, gh, victoriametrics, grafana-operator, nfs-subdir-external-provisioner, k8s-metacollector, local-path-provisioner, volume-modifier-for-k8s-fips, cilium-fips, envoy-ratelimit, osv-scanner, flux-image-automation-controller,...