75 matches found
Kubernetes Dashboard <1.10.1 - Authentication Bypass
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: rancher-agent, chisel-fips, helm, argo-cd, skaffold-fips, docker-machine-driver-harvester, frankenphp-8.2, harbor, flux-image-automation-controller, kubevela-fips, rancher, coder-fips, argocd-image-updater-fips, fscrypt, drone-fips, aactl, kine, prometheus-fips, isti...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: openbao, aactl, terraform-provider-tls, neuvector-sigstore-interface, pulumi-language-dotnet, caddy, kaf, wal-g, wolfictl, gh, argo-events, flux-source-controller, crossplane-provider-azure-storage, telegraf, chezmoi, gitlab-kas, cosign, opentelemetry-collector,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: aactl, external-dns, kine, istio, flux, mattermost, zot, rancher-agent, k9s, cloud-provider-aws, kaf, fscrypt, cert-manager, snyk-cli, kubernetes-dashboard, skaffold, helm, argo-cd, flux-source-controller, kubernetes, telegraf, trivy-operator,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: openbao, aactl, crossplane-provider-aws-lambda, terraform-provider-tls, neuvector-sigstore-interface, pulumi-language-dotnet, caddy, kaf, crossplane-provider-keycloak, wal-g, wolfictl, sealed-secrets, gh, argo-events, flux-source-controller,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: aactl, external-dns, kine, istio, flux, mattermost, docker-cli-buildx, rancher-agent, zot, buildah, cloud-provider-aws, kaf, fscrypt, cert-manager, snyk-cli, teleport, kubernetes-dashboard, helm, argo-cd, kubernetes, telegraf, kots, gitlab-kas, opentelemetry-collecto...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: aactl, external-dns, docker-machine-driver-harvester, kine, istio, flux, mattermost, zot, rancher-agent, k9s, cloud-provider-aws, kaf, fscrypt, cert-manager, snyk-cli, kubernetes-dashboard, skaffold, helm, argo-cd, flux-source-controller, kubernetes, telegraf,...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: aactl, external-dns, kine, istio, flux, mattermost, docker-cli-buildx, rancher-agent, zot, buildah, cloud-provider-aws, kaf, fscrypt, cert-manager, snyk-cli, teleport, kubernetes-dashboard, helm, argo-cd, opentofu, kubernetes, telegraf, kots, gitlab-kas,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: gomplate, aactl, external-dns, witness, scorecard, kine, istio, gptscript, flux, mattermost, zot, k9s, syft, pulumi-language-dotnet, pulumi-kubernetes-operator, cloud-provider-aws, kaf, fscrypt, cert-manager, wolfictl, snyk-cli, teleport, kubernetes-dashboard,...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: vault-csi-provider-fips, chisel-fips, mongo-tools-fips, volcano-fips, db-operator-fips, volcano, kcp-0.29, blob-csi-fips, nri-mssql, cyberark-secrets-provider-for-k8s, secretgen-controller, kubo-fips, victoriametrics-operator-fips, aws-otel-collector-fips, redpanda,...
CLEANSTART-2026-MX15076 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.7.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-web package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-KL61187 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 7.14.0-r0, 7.14.0-r1
Multiple security vulnerabilities affect the kubernetes-dashboard package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-IW91368 Security fixes for CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 7.14.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: aactl, external-dns, falco-no-driver, knative-eventing, kube-arangodb, knative-operator, kine, istio, grafana, flux, datadog-agent, mattermost, zot, keda, cloud-provider-aws, cilium-envoy, kaf, fscrypt, cert-manager, hubble, snyk-cli, aws-flb-kinesis,...
GHSA-XJ38-JXC5-RPPX vulnerabilities
Vulnerabilities for packages: aactl, external-dns, falco-no-driver, knative-eventing, kube-arangodb, knative-operator, kine, istio, grafana, flux, datadog-agent, mattermost, zot, keda, cloud-provider-aws, cilium-envoy, kaf, fscrypt, cert-manager, hubble, snyk-cli, aws-flb-kinesis,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: openbao, aactl, grafana-agent-operator, terraform-provider-sendgrid, certificate-transparency, helm-set-status, kube-arangodb, docker-cli, helm-mapkubeapis, argo-rollouts, kyverno-notation-aws, terraform-provider-tls, step-ca, bento, filebrowser, caddy, kaf,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: certificate-transparency, tigera-operator, helm-mapkubeapis, http-echo, kyverno-notation-aws, clickhouse-operator, terraform-provider-tls, kaf, aws-network-policy-agent, lazydocker, hubble, aws-nuke, gh, kubernetes-dashboard-api, ghaudit, neuvector-scanner, omnibump,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: openbao, aactl, grafana-agent-operator, terraform-provider-sendgrid, certificate-transparency, helm-set-status, kube-arangodb, docker-cli, helm-mapkubeapis, argo-rollouts, kyverno-notation-aws, terraform-provider-tls, step-ca, bento, filebrowser, caddy, kaf,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: certificate-transparency, tigera-operator, helm-mapkubeapis, http-echo, kyverno-notation-aws, clickhouse-operator, terraform-provider-tls, kaf, aws-network-policy-agent, lazydocker, hubble, aws-nuke, gh, kubernetes-dashboard-api, ghaudit, neuvector-scanner, omnibump,...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: kyverno-policy-reporter-plugins-kyverno, envoy-ratelimit, atlas, smarter-device-manager, flux-image-automation-controller, sftpgo-plugin-eventsearch, mariadb-operator-fips, commercial-chainloop-cli, volume-modifier-for-k8s, dapr-fips, tailscale,...