CVE-2025-30204 vulnerabilities

Vulnerabilities for packages: zarf, kine, tempo, skaffold, nuclei, amazon-cloudwatch-agent, ksops, harbor-registry, rclone, sigstore-scaffolding, kubeflow-katib, buildkitd, pulumi, traefik, k8sgpt, filebrowser, promxy, terragrunt, xeol, pulumi-kubernetes-operator, terraform, op-geth, openbao,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: go-licenses, kine, kustomize, docker-credential-gcr, kyverno-policy-reporter-kyverno-plugin, nuclei, skaffold, go-md2man, gcsfuse, dockerize, hey, fuse-overlayfs-snapshotter, kubeflow-katib, newrelic-prometheus-configurator, buildkitd, kube-bench, pulumi, nri-mssql,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: go-licenses, kine, kustomize, docker-credential-gcr, kyverno-policy-reporter-kyverno-plugin, nuclei, skaffold, go-md2man, gcsfuse, dockerize, hey, fuse-overlayfs-snapshotter, kubeflow-katib, newrelic-prometheus-configurator, buildkitd, kube-bench, pulumi, nri-mssql,...

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to improper certificate validation. An attacker can intercept secure communications by presenting a forged certificate. Remediation Upgrade github.com/mongodb/mongo-tools/common/db to version 3.6.21,...

Security Bulletin: Multiple vulnerabilities in the mongo-tools utility affect IBM WebSphere Automation

Summary There are multiple vulnerabilities in the mongo-tools utility used in IBM WebSphere Automation. These have been addressed in the remediation section. Vulnerability Details CVEID:CVE-2022-41715 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by the compilation of regula...