75 matches found
Kubernetes Dashboard <1.10.1 - Authentication Bypass
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: frankenphp-8.4, k3s, kubescape-server, cloudbeat-fips, flux-source-controller-fips, keda-fips, terraform, kubernetes, kubescape-server-fips, kine, k9s-fips, frankenphp-8.2, tigera-operator, istio, argocd-image-updater, nerdctl, tekton-pipelines, gitlab-rails-ce,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: knative-serving, nerdctl, minio, kots, kubernetes, prometheus, loki, k3s, kubernetes-dashboard, cilium, cloud-provider-aws, kubescape, zarf, fscrypt, zot, argo-cd, flux-source-controller, cert-manager, opentelemetry-collector, vitess, kyverno, snyk-cli, mattermost,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: gitlab-runner, guac, tekton-chains, atlantis, loki, pulumi-kubernetes-operator, terraform-provider-tls, mods, step-kms-plugin, step-issuer, terraform-provider-azurerm, wal-g, flux-source-controller, pulumi-language-dotnet, pulumi-language-yaml,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: gitlab-runner, guac, tekton-chains, atlantis, loki, pulumi-kubernetes-operator, terraform-provider-tls, mods, step-kms-plugin, age, step-issuer, terraform-provider-azurerm, wal-g, flux-source-controller, pulumi-language-dotnet, pulumi-language-yaml, ko, chezmoi,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: knative-serving, nerdctl, minio, kots, kubernetes, prometheus, loki, docker-cli-buildx, k3s, kubernetes-dashboard, cilium, cloud-provider-aws, teleport, fscrypt, zot, argo-cd, opentelemetry-collector, cert-manager, vitess, kyverno, snyk-cli, buildah, mattermost, aact...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: knative-serving, nerdctl, minio, kots, kubernetes, prometheus, loki, k3s, kubernetes-dashboard, cilium, cloud-provider-aws, kubescape, zarf, fscrypt, zot, argo-cd, flux-source-controller, cert-manager, opentelemetry-collector, vitess, kyverno, snyk-cli, mattermost,...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: knative-serving, nerdctl, minio, kots, kubernetes, prometheus, loki, docker-cli-buildx, k3s, kubernetes-dashboard, cilium, cloud-provider-aws, teleport, fscrypt, zot, argo-cd, opentelemetry-collector, cert-manager, vitess, kyverno, snyk-cli, buildah, mattermost,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: witness, melange, knative-serving, nerdctl, dagger, minio, pulumi, kots, kubernetes, external-secrets-operator, guac, prometheus, loki, pulumi-kubernetes-operator, syft, k3s, kubernetes-dashboard, argo-events, cilium, cloud-provider-aws, kubescape, teleport, zarf,...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: dcgm-exporter, k3s, cloudbeat-fips, secrets-store-csi-driver-provider-azure-fips, haproxy-ingress, longhorn-manager, local-path-provisioner-fips, apply-cve-bump, nova, kubernetes-csi-external-resizer, tigera-operator, polaris-fips, litmus-chaos-operator-fips,...
CLEANSTART-2026-MX15076 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.7.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-web package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-KL61187 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 7.14.0-r0, 7.14.0-r1
Multiple security vulnerabilities affect the kubernetes-dashboard package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-IW91368 Security fixes for CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 7.14.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller, newrelic-fluent-bit-output, k8s-device-plugin, knative-serving, nerdctl, kots, kubernetes, external-secrets-operator, prometheus, aws-flb-cloudwatch, knative-eventing, gitlab-pages, k3s, kubernetes-dashboard, cilium, datadog-agent, runc,...
GHSA-XJ38-JXC5-RPPX vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller, newrelic-fluent-bit-output, k8s-device-plugin, knative-serving, nerdctl, kots, kubernetes, external-secrets-operator, prometheus, aws-flb-cloudwatch, knative-eventing, gitlab-pages, k3s, kubernetes-dashboard, cilium, datadog-agent, runc,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: newrelic-infrastructure-agent, bank-vaults, node-problem-detector, grafana-pyroscope, k3d, atlantis, sftpgo-plugin-eventsearch, xeol, wal-g, ipfs-cluster, redpanda, sftpgo-plugin-pubsub, gitness, docker-credential-gcr, apisix-ingress-controller, ko,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: cri-tools, newrelic-infrastructure-agent, polaris, bank-vaults, prometheus-blackbox-exporter, kwok, grafana-pyroscope, atlantis, terraform-provider-tls, dex, oauth2-proxy, sftpgo-plugin-eventsearch, step-kms-plugin, spegel, runc, trillian, step-issuer, xeol, wal-g,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: newrelic-infrastructure-agent, bank-vaults, node-problem-detector, grafana-pyroscope, k3d, atlantis, sftpgo-plugin-eventsearch, xeol, wal-g, ipfs-cluster, redpanda, sftpgo-plugin-pubsub, gitness, docker-credential-gcr, apisix-ingress-controller, ko,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: cri-tools, newrelic-infrastructure-agent, polaris, bank-vaults, prometheus-blackbox-exporter, kwok, grafana-pyroscope, atlantis, terraform-provider-tls, dex, oauth2-proxy, sftpgo-plugin-eventsearch, step-kms-plugin, spegel, runc, trillian, step-issuer, xeol, wal-g,...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: atlas-fips, flux-notification-controller, rabbitmq-messaging-topology-operator, flux-source-controller-fips, local-path-provisioner-fips, victoriametrics-fips, grafana-operator, nova, supercronic-fips, nova-fips, polaris-fips, k8s-metacollector-fips, victoriametrics,...