75 matches found
Kubernetes Dashboard <1.10.1 - Authentication Bypass
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: knative-kafka-broker, knative-kafka-broker-fips, external-secrets-operator-fips, zarf, kubevela-fips, prometheus-elasticsearch-exporter, tekton-pipelines-fips, aactl, kyverno, keda-fips, kubescape-server, cloud-provider-aws, omnictl-multiarch, k3s,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: opentelemetry-collector, external-secrets-operator, cluster-api-azure-controller, crossplane-provider-aws-kinesis, docker-machine-driver-linode, melange, openbao, tekton-chains, cosign, minio, apko, terraform-provider-azurerm, caddy, crossplane-provider-keycloak,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: opentelemetry-collector, external-secrets-operator, cluster-api-azure-controller, docker-machine-driver-harvester, melange, openbao, tekton-chains, cosign, minio, apko, terraform-provider-azurerm, caddy, wolfictl, vitess, flux-kustomize-controller, grype, glab, kine,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: external-dns, opentelemetry-collector, k9s, chisel, cert-manager, rancher, zarf, cloud-provider-aws, snyk-cli, kubernetes-dashboard, fscrypt, zot, istio, minio, argo-cd, kubescape, vitess, helm, loki, rancher-agent, kaf, gitlab-kas, osv-scanner, knative-serving,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: external-dns, opentelemetry-collector, act, external-secrets-operator, k9s, pulumi-language-java, teleport, cert-manager, gomplate, cloud-provider-aws, dagger, gptscript, zarf, melange, kubernetes, snyk-cli, scorecard, kubernetes-dashboard, fscrypt, zot, istio, minio...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: external-dns, opentelemetry-collector, teleport, cert-manager, rancher, cloud-provider-aws, snyk-cli, kubernetes-dashboard, fscrypt, zot, istio, minio, argo-cd, vitess, helm, loki, rancher-agent, kaf, gitlab-kas, knative-serving, telegraf, kyverno, k3s, aactl,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: external-dns, opentelemetry-collector, teleport, cert-manager, rancher, cloud-provider-aws, snyk-cli, kubernetes-dashboard, fscrypt, zot, istio, minio, argo-cd, vitess, helm, loki, rancher-agent, kaf, gitlab-kas, knative-serving, telegraf, kyverno, k3s, aactl,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: external-dns, opentelemetry-collector, k9s, chisel, cert-manager, rancher, docker-machine-driver-harvester, zarf, cloud-provider-aws, snyk-cli, kubernetes-dashboard, fscrypt, zot, istio, minio, argo-cd, kubescape, vitess, helm, loki, rancher-agent, kaf, gitlab-kas,...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: knative-kafka-broker, external-secrets-operator-fips, task, grype, helmfile, eks-node-monitoring-agent-fips, haproxy-ingress-fips, kuberay-apiserver-fips, longhorn-manager, amazon-cloudwatch-agent-operator-fips, azurefile-csi, cluster-api-provider-vsphere-fips,...
CLEANSTART-2026-MX15076 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.7.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-web package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-KL61187 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 7.14.0-r0, 7.14.0-r1
Multiple security vulnerabilities affect the kubernetes-dashboard package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-IW91368 Security fixes for CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 7.14.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: external-dns, k8s-device-plugin, external-secrets-operator, fuse-overlayfs-snapshotter, cert-manager, gitaly, dask-gateway, cloud-provider-aws, knative-eventing, knative-operator, snyk-cli, falco-no-driver, kubernetes-dashboard, fscrypt, runc, karpenter, zot, istio,...
GHSA-XJ38-JXC5-RPPX vulnerabilities
Vulnerabilities for packages: external-dns, k8s-device-plugin, external-secrets-operator, fuse-overlayfs-snapshotter, cert-manager, gitaly, dask-gateway, cloud-provider-aws, knative-eventing, knative-operator, snyk-cli, falco-no-driver, kubernetes-dashboard, fscrypt, runc, karpenter, zot, istio,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: aws-load-balancer-controller, external-secrets-operator, rancher-system-upgrade-controller, knative-eventing, argo-rollouts, chartmuseum, falco-no-driver, aws-application-networking-k8s, cluster-api-provider-vsphere, dex, metacontroller, nri-f5, runc, cosign,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: gitness, terraform-provider-random, external-secrets-operator, cloud-provider-azure, sftpgo, opentelemetry-operator, cluster-api, docker-machine-driver-harvester, kserve-modelmesh-serving, docker-machine-driver-linode, knative-eventing, argo-rollouts,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: aws-load-balancer-controller, external-secrets-operator, rancher-system-upgrade-controller, knative-eventing, argo-rollouts, chartmuseum, falco-no-driver, aws-application-networking-k8s, cluster-api-provider-vsphere, dex, metacontroller, nri-f5, runc, cosign,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: gitness, terraform-provider-random, external-secrets-operator, cloud-provider-azure, sftpgo, opentelemetry-operator, cluster-api, docker-machine-driver-harvester, kserve-modelmesh-serving, docker-machine-driver-linode, knative-eventing, argo-rollouts,...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: nova-fips, external-secrets-operator-fips, oras, nfs-subdir-external-provisioner, pluto-fips, local-path-provisioner-fips, flux-image-automation-controller, flux-source-controller-fips, flux-source-watcher-fips, commercial-chainloop-cli, local-path-provisioner,...