76 matches found
Kubernetes Dashboard <1.10.1 - Authentication Bypass
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...
GHSA-XCGV-8MV7-V8C7 vulnerabilities
Vulnerabilities for packages: zarf-fips, kube-fluentd-operator, harbor, ocm-cli-fips, glab, azure-aad-pod-identity-mic, knative-eventing-fips, k9s-fips, redka, rekor-fips, libnvidia-container, flux-source-watcher-fips, apko, fuse-overlayfs-snapshotter, melange, mattermost,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: zarf-fips, harbor, osv-scanner, rancher, knative-eventing-fips, spire-server, k9s-fips, argocd-image-updater, vitess, docker-machine-driver-harvester, trivy-fips, cloudbeat, mattermost, prometheus-mongodb-exporter, flux-image-automation-controller-fips, snyk-cli,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, rancher, chisel, spire-server, fscrypt, kaf, kubescape, rancher-agent, flux-source-controller, flux-image-automation-controller, knative-serving, minio, external-dns, telegraf, vitess, cilium, k9s, skaffold, kubernetes,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, crossplane-provider-aws-s3, ksops, crossplane-provider-aws-eks, crossplane-provider-aws-kms, gomplate, src, wolfictl, caddy, crossplane-provider-aws-lambda, crossplane-provider-aws-dynamodb, fulcio, docker-compose,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, ksops, gomplate, wolfictl, caddy, fulcio, vault-benchmark, telegraf, cosign, dagger, witness, podman, pulumi-language-java, helm, kots, step-issuer, prometheus, crossplane-provider-azure-authorization, gh,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, buildah, rancher, spire-server, fscrypt, kaf, rancher-agent, knative-serving, minio, external-dns, telegraf, vitess, cilium, kubernetes, podman, k3s, nerdctl, flux, cloud-provider-aws, helm, mattermost, cert-manager, kots, containerd,...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, buildah, rancher, spire-server, fscrypt, kaf, rancher-agent, knative-serving, minio, external-dns, telegraf, vitess, cilium, kubernetes, podman, k3s, nerdctl, flux, cloud-provider-aws, helm, mattermost, cert-manager, kots, containerd,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, pulumi-language-yaml, terragrunt, spire-server, fscrypt, kaf, kubescape, flux-source-controller, flux-image-automation-controller, nuclei, gomplate, wolfictl, scorecard, knative-serving, minio, apko, external-secrets-operator, melange,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, rancher, chisel, spire-server, fscrypt, kaf, kubescape, rancher-agent, flux-source-controller, flux-image-automation-controller, knative-serving, minio, external-dns, telegraf, vitess, cilium, docker-machine-driver-harvester, k9s,...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: terraform-provider-pagerduty-fips, gcp-compute-persistent-disk-csi-driver-fips, redpanda, ipfs-cluster-fips, k8s-agents-operator-fips, grype-db, grafana-pyroscope, pinniped-fips, mlrun-log-collector-fips, livekit-cli, melange, external-secrets-operator,...
CLEANSTART-2026-MX15076 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.7.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-web package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-KL61187 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 7.14.0-r0, 7.14.0-r1
Multiple security vulnerabilities affect the kubernetes-dashboard package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-IW91368 Security fixes for CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 7.14.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, spire-server, fscrypt, kaf, cilium-envoy, kubescape, net-kourier, falco-no-driver, gitaly, newrelic-fluent-bit-output, knative-serving, aws-flb-kinesis, redka, dask-gateway, external-secrets-operator, grafana, external-dns, hubble,...
GHSA-XJ38-JXC5-RPPX vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, spire-server, fscrypt, kaf, cilium-envoy, kubescape, net-kourier, falco-no-driver, gitaly, newrelic-fluent-bit-output, knative-serving, aws-flb-kinesis, redka, dask-gateway, external-secrets-operator, grafana, external-dns, hubble,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, grpcurl, kube-vip, lazydocker, modelmesh-runtime-adapter, sftpgo-plugin-geoipfilter, pulumi-language-yaml, snyk-cli, rancher-fleet, sriov-network-device-plugin, xeol, certificate-transparency, k8ssandra-operator, caddy,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, configmap-reload, croc, mockery, k8ssandra-operator, openbao-k8s, authservice, neuvector-dbgen, telegraf, cluster-autoscaler, manifest-tool, kube-arangodb, mountpoint-s3-csi-driver, terraform-provider-aws, azure-service-operato...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, configmap-reload, croc, mockery, k8ssandra-operator, openbao-k8s, authservice, neuvector-dbgen, telegraf, cluster-autoscaler, manifest-tool, kube-arangodb, mountpoint-s3-csi-driver, terraform-provider-aws, azure-service-operato...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, grpcurl, kube-vip, lazydocker, modelmesh-runtime-adapter, sftpgo-plugin-geoipfilter, pulumi-language-yaml, snyk-cli, rancher-fleet, sriov-network-device-plugin, xeol, certificate-transparency, k8ssandra-operator, caddy,...