75 matches found
Kubernetes Dashboard <1.10.1 - Authentication Bypass
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: aactl, trivy-operator-fips, cloud-provider-aws, mattermost-fips, trivy-operator, kubescape-server-fips, rancher-agent, kaf, frankenphp-8.4, tekton-pipelines-fips, snyk-cli, flux-fips, nemo, traefik, flux-image-automation-controller-fips, kubernetes, rancher,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: prometheus, minio, telegraf, aactl, cert-manager, chisel, kubernetes, k3s, rancher-agent, flux-source-controller, fscrypt, loki, gitea, kyverno, cilium-cli, gitlab-kas, kine, prometheus-operator, zot, nerdctl, kots, helm, mattermost, cilium, istio, skaffold, zarf,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: telegraf, policy-controller, melange, rancher-agent, flux-source-controller, flux-notification-controller, caddy, act, gh, gitea, pulumi-language-dotnet, step-issuer, ko, syft, cilium, docker-machine-driver-harvester, buildkitd, glab, sops, gptscript, docker,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: telegraf, policy-controller, melange, rancher-agent, flux-source-controller, flux-notification-controller, caddy, act, crossplane-provider-aws-kinesis, gh, gitea, pulumi-language-dotnet, step-issuer, ko, crossplane-provider-aws-eks, syft, cilium, buildkitd, glab, sop...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: prometheus, minio, telegraf, aactl, cert-manager, kubernetes, buildah, k3s, rancher-agent, docker-cli-buildx, fscrypt, loki, kyverno, cilium-cli, gitlab-kas, kine, prometheus-operator, zot, nerdctl, kots, helm, mattermost, cilium, istio, vitess, external-dns, flux,...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: prometheus, minio, telegraf, aactl, cert-manager, kubernetes, buildah, k3s, rancher-agent, docker-cli-buildx, fscrypt, loki, kyverno, cilium-cli, gitlab-kas, kine, prometheus-operator, zot, nerdctl, kots, helm, mattermost, cilium, istio, vitess, external-dns, flux,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: prometheus, minio, telegraf, aactl, cert-manager, kubernetes, wolfictl, guac, melange, k3s, flux-source-controller, pulumi-language-yaml, fscrypt, terragrunt, splunk-otel-collector, act, loki, gitea, kyverno, pulumi-language-dotnet, pulumi, cilium-cli, apko,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: prometheus, minio, telegraf, aactl, cert-manager, chisel, kubernetes, k3s, rancher-agent, flux-source-controller, fscrypt, loki, gitea, kyverno, cilium-cli, gitlab-kas, kine, prometheus-operator, zot, nerdctl, kots, helm, mattermost, docker-machine-driver-harvester,...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-snapshotter-fips, fluent-operator-fips, pvc-autoresizer-fips, trivy-k8s-wrapper, helm-exporter-fips, dragonfly-operator-fips, mattermost-fips, chainctl, polaris-fips, azuredisk-csi, spegel-fips, authservice-fips, flux-fips, livekit-cli,...
CLEANSTART-2026-MX15076 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.7.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-web package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-KL61187 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 7.14.0-r0, 7.14.0-r1
Multiple security vulnerabilities affect the kubernetes-dashboard package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-IW91368 Security fixes for CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 7.14.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: prometheus, aws-flb-kinesis, telegraf, aactl, cert-manager, kubernetes, cilium-envoy, k3s, kube-fluentd-operator, datadog-agent, fscrypt, redka, kyverno, cilium-cli, gitlab-kas, kine, prometheus-operator, coredns, libnvidia-container, zot, nerdctl, kots, net-kourier,...
GHSA-XJ38-JXC5-RPPX vulnerabilities
Vulnerabilities for packages: prometheus, aws-flb-kinesis, telegraf, aactl, cert-manager, kubernetes, cilium-envoy, k3s, kube-fluentd-operator, datadog-agent, fscrypt, redka, kyverno, cilium-cli, gitlab-kas, kine, prometheus-operator, coredns, libnvidia-container, zot, nerdctl, kots, net-kourier,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: migrate, telegraf, tofu-controller, cloud-provider-vsphere, kube-state-metrics, kube-vip, policy-controller, spqr, volume-modifier-for-k8s, kubernetes-csi-external-resizer, rancher-agent, rclone, flux-source-controller, datadog-agent, flux-notification-controller,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: tofu-controller, kube-vip, kubernetes-csi-external-resizer, metacontroller, crane, terraform-mcp-server, harbor-scanner-trivy, nri-haproxy, helm-mapkubeapis, victoriametrics, nova, coredns, rancher-fleet, oras, syft, wgcf, kubebuilder, logstash-exporter, cilium,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: tofu-controller, kube-vip, kubernetes-csi-external-resizer, metacontroller, crane, terraform-mcp-server, harbor-scanner-trivy, nri-haproxy, helm-mapkubeapis, victoriametrics, nova, coredns, rancher-fleet, oras, syft, wgcf, kubebuilder, logstash-exporter, cilium,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: migrate, telegraf, tofu-controller, cloud-provider-vsphere, kube-state-metrics, kube-vip, policy-controller, spqr, volume-modifier-for-k8s, kubernetes-csi-external-resizer, rancher-agent, rclone, flux-source-controller, datadog-agent, flux-notification-controller,...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: omnibump, flux-source-watcher-fips, nodetaint, omni-fips, rabbitmq-messaging-topology-operator, kube-logging-logging-operator, volume-modifier-for-k8s, kubewatch, polaris-fips, victoriametrics-cluster-fips, tailscale, nemo, flux-image-reflector-controller,...