CVE-2025-30204 vulnerabilities

Vulnerabilities for packages: guac, kaniko, terraform, secrets-store-csi-driver-provider-azure, external-secrets-operator, crossplane-provider-azure, rclone, eksctl, k3s, falcoctl, tempo, step-kms-plugin, temporal-server, tkn, flyte, gitea, cortex, vexctl, opentelemetry-collector-contrib, openfga...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: prometheus-pushgateway, hello-world-golang, flux-helm-controller, docker-cli, gh, kaf, terraform, nri-nagios, secrets-store-csi-driver-provider-azure, prometheus-blackbox-exporter, timoni, q, govulncheck, helm-push, influx, nri-memcached, mage, nri-mongodb,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: prometheus-pushgateway, hello-world-golang, flux-helm-controller, docker-cli, gh, kaf, terraform, nri-nagios, secrets-store-csi-driver-provider-azure, prometheus-blackbox-exporter, timoni, q, govulncheck, helm-push, influx, nri-memcached, mage, nri-mongodb,...

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to improper certificate validation. An attacker can intercept secure communications by presenting a forged certificate. Remediation Upgrade github.com/mongodb/mongo-tools/common/db to version 3.6.21,...

Security Bulletin: Multiple vulnerabilities in the mongo-tools utility affect IBM WebSphere Automation

Summary There are multiple vulnerabilities in the mongo-tools utility used in IBM WebSphere Automation. These have been addressed in the remediation section. Vulnerability Details CVEID:CVE-2022-41715 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by the compilation of regula...