290 matches found
CLEANSTART-2026-DN20646 spdystream is a Go library for multiplexing streams over SPDY connections
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. spdystream is a Go library for multiplexing streams over SPDY connections. See references for individual vulnerability details...
CVE-2026-29181 vulnerabilities
Vulnerabilities for packages: consul, slsa-verifier, gatus-fips, crossplane-provider-aws-servicediscovery, cadence-fips, crossplane-provider-aws-kendra, step-fips, crossplane-provider-aws-kendra-fips, blob-csi-fips, crossplane-provider-azure-relay, crossplane-provider-aws-kinesis,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: k6, cert-manager-fips, rancher, cert-manager-istio-csr, neuvector-fips, cert-manager-cmctl, flux-fips, xeol, beats, telegraf, seaweedfs-fips, elastic-agent, kyverno-fips, xeol-fips, nuclei, minio-fips, percona-server-mongodb-operator, seaweedfs, sftpgo-plugin-auth,...
CVE-2026-6383 vulnerabilities
Vulnerabilities for packages: virt-handler, virt-launcher, virt-api-fips, virt-controller, virt-controller-fips, virt-handler-fips, virt-operator-fips, virt-api, virt-operator...
GHSA-J6CV-3W8P-VRG8 vulnerabilities
Vulnerabilities for packages: virt-handler, virt-launcher, virt-api-fips, virt-controller, virt-controller-fips, virt-handler-fips, virt-operator-fips, virt-api, virt-operator...
CLEANSTART-2026-AN01004 filippo
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. filippo. See references for individual vulnerability details...
CLEANSTART-2026-QO20135 When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint
Multiple security vulnerabilities affect the minio-operator-fips package. When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. See references for individual...
CVE-2026-40179 vulnerabilities
Vulnerabilities for packages: certificate-transparency, grafana-pyroscope-fips, mcp-grafana-fips, certificate-transparency-fips, datadog-agent, beats, plutono, splunk-otel-collector-fips, telegraf, opentelemetry-collector-k8s-fips, jaeger-fips, elastic-agent-fips, minio-object-browser-fips,...
GHSA-VFFH-X6R8-XX99 vulnerabilities
Vulnerabilities for packages: certificate-transparency, grafana-pyroscope-fips, mcp-grafana-fips, certificate-transparency-fips, datadog-agent, beats, plutono, splunk-otel-collector-fips, telegraf, opentelemetry-collector-k8s-fips, jaeger-fips, elastic-agent-fips, minio-object-browser-fips,...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: flux-notification-controller, k8s-metacollector-fips, localstack, commercial-chainloop-cli, mariadb-operator-fips, volume-modifier-for-k8s, local-path-provisioner, mariadb-operator, nemo, malcontent, nodetaint-fips, nfs-subdir-external-provisioner, karpenter-fips,...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: flux-notification-controller, k8s-metacollector-fips, localstack, commercial-chainloop-cli, mariadb-operator-fips, volume-modifier-for-k8s, local-path-provisioner, mariadb-operator, nemo, malcontent, nodetaint-fips, nfs-subdir-external-provisioner, karpenter-fips,...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: kaf, regclient, kubernetes, consul, slsa-verifier, xeol, task-fips, nemo, malcontent, rke2-runtime, sriov-network-device-plugin-fips, image-factory, cerbos, gitea-fips, eksctl, spire-server, step-ca-fips, buildah, apko, trivy-operator-fips, kube-mgmt-fips, cilium-cli...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: kaf, regclient, kubernetes, consul, slsa-verifier, xeol, task-fips, nemo, malcontent, rke2-runtime, sriov-network-device-plugin-fips, image-factory, cerbos, gitea-fips, eksctl, spire-server, step-ca-fips, buildah, apko, trivy-operator-fips, kube-mgmt-fips, cilium-cli...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: mockgen, consul, step-fips, kubeflow-fips, malcontent, nfs-subdir-external-provisioner, stakater-reloader-fips, falco-exporter, xcaddy, image-factory, cerbos, contour-fips, prometheus-postgres-exporter, emissary, terraform-provider-tls, esbuild,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: kubeflow, kaf, regclient, kubernetes, kubevirt-cdi-operator-fips, consul, slsa-verifier, k8s-metacollector-fips, gatus-fips, crossplane-provider-aws-servicediscovery, cluster-proportional-autoscaler, xeol, cilium-certgen, kserve-rest-proxy, cadence-fips, step-fips,...
GHSA-GJVH-7JH8-7XHM vulnerabilities
Vulnerabilities for packages: kubeflow, kaf, regclient, kubernetes, kubevirt-cdi-operator-fips, consul, slsa-verifier, k8s-metacollector-fips, gatus-fips, crossplane-provider-aws-servicediscovery, cluster-proportional-autoscaler, xeol, cilium-certgen, kserve-rest-proxy, cadence-fips, step-fips,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: kubeflow, kaf, regclient, kubernetes, kubevirt-cdi-operator-fips, consul, slsa-verifier, k8s-metacollector-fips, gatus-fips, crossplane-provider-aws-servicediscovery, cluster-proportional-autoscaler, xeol, cilium-certgen, kserve-rest-proxy, cadence-fips, step-fips,...
CVE-2026-32280 vulnerabilities
Vulnerabilities for packages: kubeflow, kaf, regclient, kubernetes, kubevirt-cdi-operator-fips, consul, slsa-verifier, k8s-metacollector-fips, gatus-fips, crossplane-provider-aws-servicediscovery, cluster-proportional-autoscaler, xeol, cilium-certgen, kserve-rest-proxy, cadence-fips, step-fips,...
CLEANSTART-2026-OC72960 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing
Multiple security vulnerabilities affect the gpu-operator-fips package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details...
CLEANSTART-2026-JM69747 Security fixes for ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 25.10.0-r1
Multiple security vulnerabilities affect the gpu-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...