CVE-2026-39821 affecting package kured for versions less than 1.15.0-5

CVE-2026-39821 affecting package kured for versions less than 1.15.0-5. A patched version of the package is available...

CVE-2026-35469 affecting package kured for versions less than 1.15.0-4

CVE-2026-35469 affecting package kured for versions less than 1.15.0-4. A patched version of the package is available...

CVE-2025-11065 affecting package kured for versions less than 1.15.0-3

CVE-2025-11065 affecting package kured for versions less than 1.15.0-3. A patched version of the package is available...

CVE-2025-11065 affecting package kured for versions less than 1.14.2-7

CVE-2025-11065 affecting package kured for versions less than 1.14.2-7. A patched version of the package is available...

AZL-75452 CVE-2025-11065 affecting package kured 1.15.0-2

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

AZL-75500 CVE-2025-11065 affecting package kured for versions less than 1.14.2-7

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

kured-1.20.0-1.1 on GA media (moderate)

kured-1.20.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15505-1 Rating: moderate Cross-References: CVE-2024-34156 CVSS scores: CVE-2024-34156 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be...

OPENSUSE-SU-2025:15505-1 kured-1.20.0-1.1 on GA media

These are all security issues fixed in the kured-1.20.0-1.1 package on the GA media of openSUSE Tumbleweed...

kured-1.17.1-1.1 on GA media (moderate)

kured-1.17.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:14907-1 Rating: moderate Cross-References: CVE-2024-45338 CVSS scores: CVE-2024-45338 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-45338 SUSE : 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...

OPENSUSE-SU-2025:14907-1 kured-1.17.1-1.1 on GA media

These are all security issues fixed in the kured-1.17.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2023-45288 affecting package kured for versions less than 1.15.0-2

CVE-2023-45288 affecting package kured for versions less than 1.15.0-2. A patched version of the package is available...

CVE-2023-45288 affecting package kured for versions less than 1.14.2-3

CVE-2023-45288 affecting package kured for versions less than 1.14.2-3. A patched version of the package is available...

AZL-39445 CVE-2023-45288 affecting package kured for versions less than 1.14.2-3

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

AZL-38284 CVE-2023-45288 affecting package kured for versions less than 1.15.0-2

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

CBL Mariner 2.0 Security Update: kured (CVE-2022-25891)

The version of kured installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-25891 advisory. - The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service DoS via...

CBL Mariner 2.0 Security Update: azcopy / cni / containernetworking-plugins / cri-o / git-lfs / golang / kata-containers (CVE-2022-29526)

The version of azcopy / cni / containernetworking-plugins / cri-o / git-lfs / golang / kata-containers installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-29526 advisory. - Go before 1.17.10 and 1.18....

CBL Mariner 2.0 Security Update: application-gateway-kubernetes-ingress / cri-o / keda / kube-vip-cloud-provider / kured / moby-engine / node-problem-detector (CVE-2022-21698)

The version of application-gateway-kubernetes-ingress / cri-o / keda / kube-vip-cloud-provider / kured / moby-engine / node-problem-detector installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-21698...

CBL Mariner 2.0 Security Update: application-gateway-kubernetes-ingress / cf-cli / cni / containerized-data-importer / containernetworking-plugins / gh / keda / kubevirt (CVE-2022-32149)

The version of application-gateway-kubernetes-ingress / cf-cli / cni / containerized-data-importer / containernetworking-plugins / gh / keda / kubevirt installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the...

CBL Mariner 2.0 Security Update: kured (CVE-2022-28948)

The version of kured installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-28948 advisory. - An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize...

CBL Mariner 2.0 Security Update: application-gateway-kubernetes-ingress / cf-cli / cri-o / csi-driver-lvm / golang / keda / moby-engine / node-problem-detector (CVE-2021-44716)

The version of application-gateway-kubernetes-ingress / cf-cli / cri-o / csi-driver-lvm / golang / keda / moby-engine / node-problem-detector installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-44716...