76 matches found
Kubernetes Dashboard <1.10.1 - Authentication Bypass
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...
GHSA-XCGV-8MV7-V8C7 vulnerabilities
Vulnerabilities for packages: istio-fips, dataplaneapi-fips, azuredisk-csi, gitlab-rails-ce, docker-cli-buildx-fips, glab, reports-server, apm-server-fips, chainloop-cli-fips, argo-cd-fips, vexctl, cilium-cli, terraform, kube-conformance, timestamp-authority, k8s-device-plugin,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, cloudbeat, reports-server, trivy-operator-fips, nemo, kyverno-fips, argo-cd-fips, frankenphp-8.5, commercial-grafana, coder, cilium-cli, terraform, gitea-fips, minio-fips, harbor, drone, k9s, knative-serving-fips, kubescape-server-fips, chisel-fips,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: chisel, tkn, terraform-provider-acme, eksctl, snyk-cli, neuvector-sigstore-interface, argo-cd, docker-cli-buildx, grype, kubernetes-dashboard, pulumi, falcoctl, chezmoi, apko, docker-compose, knative-serving, crossplane-provider-aws-elasticache, wolfictl,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: chisel, tkn, eksctl, snyk-cli, neuvector-sigstore-interface, argo-cd, docker-cli-buildx, grype, kubernetes-dashboard, pulumi, falcoctl, chezmoi, apko, wolfictl, knative-serving, flux-operator, flux-source-controller, terragrunt, step, cilium, opentelemetry-collector,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: chisel, mattermost, skaffold, cert-manager, external-dns, k3s, snyk-cli, fscrypt, zot, argo-cd, kine, osv-scanner, containerd, kubernetes-dashboard, argocd-image-updater, kyverno, kubescape, helm, aactl, knative-serving, trivy, minio, trivy-operator,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: mattermost, cert-manager, external-dns, k3s, snyk-cli, fscrypt, zot, argo-cd, docker-cli-buildx, kine, containerd, kubernetes-dashboard, kyverno, helm, aactl, knative-serving, minio, buildah, spire-server, prometheus, teleport, nerdctl, cilium, podman,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: mattermost, skaffold, cert-manager, dagger, pulumi-language-dotnet, opentofu, external-dns, k3s, snyk-cli, fscrypt, pulumi-language-yaml, scorecard, argo-cd, zot, kine, grype, osv-scanner, splunk-otel-collector, containerd, kubernetes-dashboard, argocd-image-updater,...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: mattermost, cert-manager, opentofu, external-dns, k3s, snyk-cli, fscrypt, zot, argo-cd, docker-cli-buildx, kine, containerd, kubernetes-dashboard, kyverno, helm, aactl, knative-serving, minio, buildah, spire-server, prometheus, teleport, nerdctl, cilium, podman,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: chisel, mattermost, skaffold, cert-manager, external-dns, k3s, snyk-cli, fscrypt, zot, argo-cd, kine, osv-scanner, containerd, kubernetes-dashboard, argocd-image-updater, kyverno, kubescape, helm, aactl, knative-serving, trivy, minio, trivy-operator,...
GHSA-W2Q5-6Q6X-X959 vulnerabilities
Vulnerabilities for packages: vault-csi-provider-fips, oauth2-proxy, docker-cli-buildx-fips, amazon-cloudwatch-agent-operator, aws-fsx-csi-driver-fips, argo-cd-fips, policy-controller, ipfs-cluster, cortex-fips, terragrunt-fips, flux-operator, datadog-agent-fips, harbor, grype-db, falcoctl-fips,...
CLEANSTART-2026-MX15076 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.7.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-web package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-KL61187 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 7.14.0-r0, 7.14.0-r1
Multiple security vulnerabilities affect the kubernetes-dashboard package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-IW91368 Security fixes for CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 7.14.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: go, knative-operator, keda, falco-no-driver, mattermost, newrelic-fluent-bit-output, cert-manager, knative-eventing, dask-gateway, fuse-overlayfs-snapshotter, ingress-nginx-controller, external-dns, k3s, kube-arangodb, fscrypt, k8s-device-plugin, snyk-cli, argo-cd,...
GHSA-XJ38-JXC5-RPPX vulnerabilities
Vulnerabilities for packages: go, knative-operator, keda, falco-no-driver, mattermost, newrelic-fluent-bit-output, cert-manager, knative-eventing, dask-gateway, fuse-overlayfs-snapshotter, ingress-nginx-controller, external-dns, k3s, kube-arangodb, fscrypt, k8s-device-plugin, snyk-cli, argo-cd,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: newrelic-fluent-bit-output, kserve-modelmesh-serving, actions-runner-controller, etcd, descheduler, kubernetes-dashboard, minio-operator, nri-rabbitmq, docker-credential-ecr-login, knative-serving, terraform-docs, flux-operator, git-credential-oauth, cerbos, extism,...
CVE-2026-32289 vulnerabilities
Vulnerabilities for packages: tkn, spiffe-helper, falco-no-driver, newrelic-fluent-bit-output, redpanda, kserve-modelmesh-serving, eksctl, etcd, tailscale, kubernetes-csi-external-health-monitor, tofu-controller, snyk-cli, argo-cd, descheduler, dkron, docker-cli-buildx, redka, bom,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: newrelic-fluent-bit-output, kserve-modelmesh-serving, actions-runner-controller, etcd, descheduler, kubernetes-dashboard, minio-operator, nri-rabbitmq, docker-credential-ecr-login, knative-serving, terraform-docs, flux-operator, git-credential-oauth, cerbos,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: tkn, spiffe-helper, falco-no-driver, newrelic-fluent-bit-output, redpanda, kserve-modelmesh-serving, eksctl, etcd, tailscale, kubernetes-csi-external-health-monitor, tofu-controller, snyk-cli, argo-cd, descheduler, dkron, docker-cli-buildx, redka, bom,...