75 matches found
Kubernetes Dashboard <1.10.1 - Authentication Bypass
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: gitea-fips, k9s-fips, gitlab-rails-ce, nemo, kube-arangodb-fips, zitadel, loki, coder, flux-source-controller, opentofu-fips, frankenphp-8.4, mattermost-fips, harbor, kaf, skaffold-fips, kubevela-fips, kyverno-fips, skaffold, prometheus-mongodb-exporter,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: pulumi-language-yaml, zarf, grype, aactl, kyverno, caddy, cloud-provider-aws, k3s, flux-image-automation-controller, pulumi, rancher-machine, glab, kaf, podman, flux, trivy-operator, istio, crossplane-provider-azure-managedidentity, dagger, external-secrets-operator,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: external-dns, telegraf, rancher, rancher-agent, zarf, containerd, flux-source-controller, aactl, kubernetes, kyverno, cert-manager, snyk-cli, trivy, minio, nerdctl, cloud-provider-aws, cilium-cli, k3s, flux-image-automation-controller, vitess, kubescape,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-rds, pulumi-language-yaml, zarf, grype, crossplane-provider-aws-sqs, crossplane-provider-aws-ec2, aactl, kyverno, caddy, cloud-provider-aws, k3s, flux-image-automation-controller, pulumi, rancher-machine, glab, crossplane-provider-aws-s3, kaf,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: external-dns, telegraf, rancher, rancher-agent, containerd, buildah, aactl, kubernetes, kyverno, cert-manager, snyk-cli, minio, nerdctl, cloud-provider-aws, cilium-cli, k3s, vitess, opentelemetry-collector, cilium, kaf, argo-cd, podman, gitlab-kas, spire-server,...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: external-dns, telegraf, rancher, rancher-agent, containerd, buildah, aactl, kubernetes, kyverno, cert-manager, snyk-cli, minio, nerdctl, cloud-provider-aws, cilium-cli, k3s, vitess, opentelemetry-collector, cilium, kaf, argo-cd, podman, gitlab-kas, spire-server,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: external-dns, telegraf, rancher, rancher-agent, zarf, containerd, flux-source-controller, aactl, kubernetes, kyverno, cert-manager, snyk-cli, trivy, minio, nerdctl, cloud-provider-aws, cilium-cli, k3s, flux-image-automation-controller, vitess, kubescape,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: external-dns, telegraf, pulumi-language-yaml, guac, trivy-operator, argo-events, zarf, grype, splunk-otel-collector, scorecard, containerd, flux-source-controller, aactl, kubernetes, kyverno, cert-manager, snyk-cli, trivy, apko, minio, nerdctl, cloud-provider-aws,...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: k9s-fips, kubernetes-dashboard-auth, gitlab-runner, terraform-provider-time, flannel-fips, redpanda-operator, jobset-fips, loki-fips, grype-db, grafana-rollout-operator, flux-source-controller, cloud-provider-gcp-cloud-controller-manager, aws-eks-pod-identity-agent,...
CLEANSTART-2026-MX15076 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.7.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-web package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-KL61187 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 7.14.0-r0, 7.14.0-r1
Multiple security vulnerabilities affect the kubernetes-dashboard package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-IW91368 Security fixes for CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 7.14.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: external-dns, telegraf, falco-no-driver, redka, zot, gitlab-pages, aws-flb-firehose, datadog-agent, aactl, kubernetes, kyverno, cert-manager, go, snyk-cli, nerdctl, cloud-provider-aws, grafana, cilium-cli, karpenter, coredns, k3s, kubescape, knative-operator,...
GHSA-XJ38-JXC5-RPPX vulnerabilities
Vulnerabilities for packages: external-dns, telegraf, falco-no-driver, redka, zot, gitlab-pages, aws-flb-firehose, datadog-agent, aactl, kubernetes, kyverno, cert-manager, go, snyk-cli, nerdctl, cloud-provider-aws, grafana, cilium-cli, karpenter, coredns, k3s, kubescape, knative-operator,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: chartmuseum, kyverno-policy-reporter-ui, dapr, pulumi-language-yaml, dex, task, juicefs-csi-driver, spiffe-helper, minio-object-browser, vexctl, cloud-provider-vsphere, descheduler, aactl, flannel, kyverno, caddy, azure-service-operator, envconsul, cloud-provider-aws...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: chartmuseum, kyverno-policy-reporter-ui, dapr, pulumi-language-yaml, dex, task, juicefs-csi-driver, spiffe-helper, minio-object-browser, vexctl, cloud-provider-vsphere, descheduler, aactl, flannel, kyverno, caddy, azure-service-operator, envconsul, cloud-provider-aws...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: nri-consul, task, aactl, flannel, frp, oras, pulumi, http-echo, local-path-provisioner, kubernetes-csi-node-driver-registrar, dive, terraform-docs, hugo, infinispan-operator, istio, polaris, dynamic-localpv-provisioner, terraform-provider-tls, atlantis, bento,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: nri-consul, task, aactl, flannel, frp, oras, pulumi, http-echo, local-path-provisioner, kubernetes-csi-node-driver-registrar, dive, terraform-docs, hugo, infinispan-operator, istio, polaris, dynamic-localpv-provisioner, terraform-provider-tls, atlantis, bento,...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard-metrics-scraper-fips, flux-image-reflector-controller-fips, dbmate, actions-runner-controller, nemo, flux-helm-controller-fips, grafana-operator-fips, grafana-rollout-operator, karpenter-fips, flux-source-controller, kube-logging-logging-operator...