75 matches found
Kubernetes Dashboard <1.10.1 - Authentication Bypass
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: cloudbeat, aactl, opentofu-fips, elastic-agent-fips, telegraf, fscrypt, external-dns, containerd, frankenphp-8.3, cilium-cli, seaweedfs-rocksdb-fips, kaf, trivy, k3s, flux-fips, harbor-fips, keda-fips, nemo, loki, omnictl-multiarch-fips, knative-kafka-broker,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: telegraf, slsa-verifier, cert-manager, falcoctl, step-kms-plugin, apko, docker-cli-buildx, syft, mattermost, trivy-operator, snyk-cli, prometheus, crossplane-provider-azure-storage, kaf, loki, scorecard, gh, opentelemetry-collector, buildkitd,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: telegraf, cert-manager, skaffold, cilium-cli, argo-cd, nerdctl, minio, gitea, mattermost, trivy-operator, trivy, fscrypt, aactl, osv-scanner, snyk-cli, prometheus, kubernetes, vitess, kaf, chisel, loki, zarf, zot, flux-image-automation-controller, knative-serving,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: telegraf, slsa-verifier, cert-manager, falcoctl, step-kms-plugin, apko, docker-cli-buildx, syft, mattermost, trivy-operator, snyk-cli, prometheus, crossplane-provider-azure-storage, kaf, loki, scorecard, gh, opentelemetry-collector, buildkitd, rancher-agent, rancher,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: telegraf, cert-manager, skaffold, external-secrets-operator, cilium-cli, argo-cd, nerdctl, apko, minio, terragrunt, gptscript, gitea, teleport, syft, mattermost, trivy-operator, trivy, fscrypt, dagger, aactl, act, osv-scanner, prometheus, kubernetes,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: telegraf, cert-manager, cilium-cli, argo-cd, nerdctl, minio, docker-cli-buildx, teleport, buildah, mattermost, fscrypt, aactl, snyk-cli, prometheus, kubernetes, vitess, podman, kaf, loki, zot, knative-serving, spire-server, kyverno, opentelemetry-collector, helm,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: telegraf, cert-manager, skaffold, cilium-cli, argo-cd, nerdctl, minio, gitea, mattermost, trivy-operator, trivy, fscrypt, aactl, osv-scanner, snyk-cli, prometheus, kubernetes, vitess, kaf, chisel, loki, zarf, zot, flux-image-automation-controller, knative-serving,...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: telegraf, cert-manager, cilium-cli, argo-cd, nerdctl, minio, docker-cli-buildx, teleport, buildah, mattermost, fscrypt, aactl, snyk-cli, prometheus, kubernetes, vitess, podman, kaf, loki, zot, knative-serving, spire-server, kyverno, opentelemetry-collector, helm,...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: kyverno-policy-reporter-ui, linkerd2-fips, porch-fips, sealed-secrets-fips, terraform-provider-pagerduty-fips, spegel, hubble-ui-backend-fips, datadog-agent, dgraph, nrdot-collector-k8s-fips, chainloop-cli, newrelic-nri-statsd, crossplane, listmonk, livekit-cli, vaul...
CLEANSTART-2026-MX15076 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.7.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-web package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-KL61187 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 7.14.0-r0, 7.14.0-r1
Multiple security vulnerabilities affect the kubernetes-dashboard package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-IW91368 Security fixes for CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 7.14.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: runc, telegraf, cert-manager, knative-eventing, external-secrets-operator, cilium-cli, argo-cd, nerdctl, kube-fluentd-operator, knative-operator, datadog-agent, fuse-overlayfs-snapshotter, gitlab-pages, mattermost, coredns, karpenter, fscrypt, aws-flb-firehose, aactl...
GHSA-XJ38-JXC5-RPPX vulnerabilities
Vulnerabilities for packages: runc, telegraf, cert-manager, knative-eventing, external-secrets-operator, cilium-cli, argo-cd, nerdctl, kube-fluentd-operator, knative-operator, datadog-agent, fuse-overlayfs-snapshotter, gitlab-pages, mattermost, coredns, karpenter, fscrypt, aws-flb-firehose, aactl...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-health-monitor, newrelic-infrastructure-agent, slsa-verifier, kube-fluentd-operator, azure-workload-identity-webhook, lazygit, syft, terraform-provider-kubernetes, karpenter, knative-client, gh, timescaledb-parallel-copy, vendir,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-health-monitor, newrelic-infrastructure-agent, crossplane-provider-gcp, slsa-verifier, rancher-helm, cert-manager, telegraf, falcoctl, step-kms-plugin, apko, kube-fluentd-operator, docker-cli-buildx, terraform-provider-time, cue, argo-workflow...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-health-monitor, newrelic-infrastructure-agent, crossplane-provider-gcp, slsa-verifier, rancher-helm, cert-manager, telegraf, falcoctl, step-kms-plugin, apko, kube-fluentd-operator, docker-cli-buildx, terraform-provider-time, cue, argo-workflow...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-health-monitor, newrelic-infrastructure-agent, slsa-verifier, kube-fluentd-operator, azure-workload-identity-webhook, lazygit, syft, terraform-provider-kubernetes, karpenter, knative-client, gh, timescaledb-parallel-copy, vendir, envoy-gateway...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: pgwatch, commercial-chainloop-cli, victoriametrics-cluster-fips, kyverno-policy-reporter-plugins-kyverno-fips, sealed-secrets-fips, atlas-fips, clickhouse-operator, dgraph, supercronic, karpenter, smarter-device-manager, fluxcd-kustomize-mutating-webhook, nova,...