Lucene search
+L

87 matches found

CVE
CVE
added 2026/07/10 9:52 p.m.15 views

CVE-2026-55175

Spinnaker CVE-2026-55175 affects Rosco/Kustomize bake operations where unsafe YAML tag processing in rosco manifests can lead to remote code execution on rosco pods. Affected versions are prior to 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 across release lines; fixes are available in 2026.1.1, 20...

7.5CVSS6.5AI score0.00615EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/07/10 9:52 p.m.33 views

CVE-2026-55175 Spinnaker: Improper yaml processing on kustomize bake operations

Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pod...

7.5CVSS0.00615EPSS
Exploits0References11
EUVD
EUVD
added 2026/07/10 9:52 p.m.5 views

EUVD-2026-43087

Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pod...

7.5CVSS6.5AI score0.00615EPSS
Exploits0References11
OSV
OSV
added 2026/07/10 9:52 p.m.3 views

CVE-2026-55175 Spinnaker: Improper yaml processing on kustomize bake operations

Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pod...

7.5CVSS6.5AI score0.00615EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/07/10 12:0 a.m.6 views

PT-2026-57343

Name of the Vulnerable Software and Affected Versions Spinnaker versions prior to 2026.1.1 Spinnaker versions prior to 2026.0.3 Spinnaker versions prior to 2025.4.4 Spinnaker versions prior to 2025.3.4 Description Unsafe YAML tag processing during Kustomize bake operations in rosco manifests can...

7.5CVSS6.5AI score0.00615EPSS
Exploits0References15
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.10 views

GHSA-89GR-R52H-F8RX vulnerabilities

Vulnerabilities for packages: chainloop-cli-fips, podman, crossplane-provider-azure-spring, chezmoi, opentofu-fips, splunk-otel-collector, crossplane-provider-azure-sql, crossplane-provider-azure-operationsmanagement, ollama-fips, tflint, crossplane-aws-provider, crossplane-provider-azure-relay,...

5.3AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.10 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: hcloud, podman, steampipe, zarf, caddy, loki, dagger, flux-kustomize-controller, kubernetes, policy-controller, istio, opentofu, grype, kargo, flux-image-automation-controller, crossplane-provider-azure-authorization, eksctl, rancher, chezmoi, falcoctl, tflint,...

5.3AI score
Exploits0
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.11 views

GHSA-FV83-X2XW-2J55 vulnerabilities

Vulnerabilities for packages: victoriametrics, pluto, newrelic-k8s-metadata-injection, aws-network-policy-agent, tailscale, ingress-nginx-controller, mountpoint-s3-csi-driver, smarter-device-manager, hubble, flux-notification-controller, flux-image-automation-controller, external-secrets-operator...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/04/03 7:17 p.m.10 views

CVE-2026-34986 vulnerabilities

Vulnerabilities for packages: step-ca, cert-manager-istio-csr-fips, podman, splunk-otel-collector, envoy-gateway-fips, opentofu, consul, tempo-fips, cloudflared, temporal, weaviate, seaweedfs-fips, falcoctl, cloudprober, gomplate, gitlab-cng, harbor-registry, reports-server, cert-manager-istio-cs...

7.5CVSS6.4AI score0.00651EPSS
Exploits0
OSV
OSV
added 2026/04/01 9:58 a.m.4 views

CLEANSTART-2026-YB46455 Security fixes for CVE-2022-3219, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-27142 applied in versions: 5.7.1-r1, 5.7.1-r3

Multiple security vulnerabilities affect the kustomize package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS7.3AI score0.00765EPSS
Exploits1References17
OSV
OSV
added 2026/04/01 9:23 a.m.12 views

CLEANSTART-2026-VP44686 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61732, CVE-2025-68121 applied in versions: 5.7.1-r0, 5.7.1-r1

Multiple security vulnerabilities affect the kustomize-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.9AI score0.00765EPSS
Exploits1References21
Chainguard
Chainguard
added 2026/03/03 7:17 a.m.10 views

CVE-2026-27141 vulnerabilities

Vulnerabilities for packages: cloud-sql-proxy, goose, helm-diff-fips, crossplane-provider-aws-backup, chezmoi, crossplane-provider-aws-acm, splunk-otel-collector, crossplane-provider-aws-route53-fips, grafana-mimir, ollama-fips, apm-server-fips, traefik-fips, crossplane-provider-aws-cloudfront,...

7.5CVSS7.3AI score0.00501EPSS
Exploits0
Chainguard
Chainguard
added 2026/03/03 7:17 a.m.6 views

GHSA-8FJ7-8H3W-XWFM vulnerabilities

Vulnerabilities for packages: cloud-sql-proxy, goose, helm-diff-fips, crossplane-provider-aws-backup, chezmoi, crossplane-provider-aws-acm, splunk-otel-collector, crossplane-provider-aws-route53-fips, grafana-mimir, ollama-fips, apm-server-fips, traefik-fips, crossplane-provider-aws-cloudfront,...

5.3AI score
Exploits0
Wolfi
Wolfi
added 2026/02/26 7:48 p.m.9 views

GHSA-Q9HV-HPM4-HJ6X vulnerabilities

Vulnerabilities for packages: zarf, dagger, terraform-provider-pagerduty, flux-kustomize-controller, policy-controller, opentofu, grype, q, flux-image-automation-controller, crossplane-provider-azure-authorization, crossplane-provider-aws-iam, crossplane-provider-aws-kinesis, argo-cd,...

5.3AI score
Exploits0
Wolfi
Wolfi
added 2026/02/26 7:48 p.m.11 views

CVE-2026-1229 vulnerabilities

Vulnerabilities for packages: zarf, dagger, terraform-provider-pagerduty, flux-kustomize-controller, policy-controller, opentofu, grype, q, flux-image-automation-controller, crossplane-provider-azure-authorization, crossplane-provider-aws-iam, crossplane-provider-aws-kinesis, argo-cd,...

9.8CVSS6.3AI score0.00397EPSS
Exploits0
Chainguard
Chainguard
added 2026/02/26 7:17 p.m.10 views

CVE-2026-1229 vulnerabilities

Vulnerabilities for packages: helm-diff-fips, opentofu-fips, crossplane-provider-aws-route53-fips, crossplane-provider-azure-sql, opentofu, scorecard, nfpm, crossplane-provider-aws-cloudfront, helm-diff, terraform-fips, crossplane-provider-azure-authorization, ratify-fips, cluster-api,...

9.8CVSS6.3AI score0.00397EPSS
Exploits0
Chainguard
Chainguard
added 2026/02/20 1:17 a.m.22 views

GHSA-FW7P-63QQ-7HPR vulnerabilities

Vulnerabilities for packages: step-ca, chezmoi, splunk-otel-collector, envoy-gateway-fips, sftpgo, ratify-fips, rekor, ory-kratos, croc, rekor-fips, tailscale, temporal, kine, percona-xtradb-cluster-operator, beats-fips, openbao, seaweedfs-fips, nri-mysql-fips, beats, minio,...

5.3AI score
Exploits0
EUVD
EUVD
added 2026/01/13 7:57 p.m.5 views

EUVD-2026-2097

Renovate vulnerable to arbitrary command injection via kustomize manager and malicious helm repository...

7.1AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/01/13 7:57 p.m.15 views

Renovate vulnerable to arbitrary command injection via kustomize manager and malicious helm repository

Summary The user-provided chart name in the kustomize manager is appended to the helm pull --untar command without proper sanitization. Details Adversaries can provide a maliciously crafted kustomization.yaml in conjunction with a Helm repo's index.yaml file to trick Renovate to execute arbitrary...

8.1AI score
Exploits0References2Affected Software1
OSV
OSV
added 2026/01/13 7:57 p.m.1 views

GHSA-XV56-3WQ5-9997 Renovate vulnerable to arbitrary command injection via kustomize manager and malicious helm repository

Summary The user-provided chart name in the kustomize manager is appended to the helm pull --untar command without proper sanitization. Details Adversaries can provide a maliciously crafted kustomization.yaml in conjunction with a Helm repo's index.yaml file to trick Renovate to execute arbitrary...

6.7CVSS6AI score
Exploits0References2
Rows per page
Query Builder