CLEANSTART-2026-IM73098 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the istio-pilot-discovery package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-XB34574 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-BL06950 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-CK72347 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

GHSA-HQXW-MM44-GC4R vulnerabilities

Vulnerabilities for packages: istio-pilot-agent, istio-operator, istio-pilot-discovery, istio-cni...

CVE-2022-23635 vulnerabilities

Vulnerabilities for packages: istio-pilot-agent, istio-operator, istio-pilot-discovery, istio-cni...

CVE-2021-39156 vulnerabilities

Vulnerabilities for packages: istio-pilot-agent, istio-operator, istio-pilot-discovery, istio-cni...

GHSA-856Q-XV3C-7F2F vulnerabilities

Vulnerabilities for packages: istio-pilot-agent, istio-operator, istio-pilot-discovery, istio-cni...

GHSA-QCVW-82HH-GQ38 vulnerabilities

Vulnerabilities for packages: istio-pilot-agent, istio-operator, istio-pilot-discovery, istio-cni...

CVE-2022-31045 vulnerabilities

Vulnerabilities for packages: istio-pilot-agent, istio-operator, istio-pilot-discovery, istio-cni...

CVE-2019-14993 vulnerabilities

Vulnerabilities for packages: istio-pilot-agent, istio-operator, istio-pilot-discovery, istio-cni...

GHSA-7774-7VR3-CC8J vulnerabilities

Vulnerabilities for packages: istio-pilot-agent, istio-operator, istio-pilot-discovery, istio-cni...

GHSA-XWX5-5C9G-X68X vulnerabilities

Vulnerabilities for packages: istio-pilot-agent, istio-operator, istio-pilot-discovery, istio-cni...

GHSA-HJ3V-M684-V259 vulnerabilities

Vulnerabilities for packages: spire-server, boring-registry, minio-fips, spire-server-fips, falco, boring-registry-fips, external-secrets-operator, falcoctl, mc, falcoctl-fips, minio, mc-fips, external-secrets-fips...

GHSA-C5Q2-7R4C-MV6G vulnerabilities

Vulnerabilities for packages: step, bank-vaults, gitsign, dex, frp, kubescape, tekton-chains, policy-controller, flux-kustomize-controller, terragrunt, apko, external-secrets-operator, step-ca, wolfictl, timestamp-authority, zot, kubernetes-dashboard, oauth2-proxy, temporal-ui-server, spire-serve...

GHSA-XW73-RW38-6VJC vulnerabilities

Vulnerabilities for packages: flux, vexctl, flux-image-reflector-controller, argo-workflows-fips, tekton-chains, cadvisor, bom, ctop, buildkitd, datadog-agent-fips, zarf, crane, docker-credential-gcr, falcoctl-fips, cosign-fips, helm, policy-controller-fips, newrelic-infrastructure-agent,...

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: flux, vexctl, flux-image-reflector-controller, argo-workflows-fips, tekton-chains, cadvisor, bom, ctop, buildkitd, datadog-agent-fips, zarf, crane, docker-credential-gcr, falcoctl-fips, cosign-fips, helm, policy-controller-fips, newrelic-infrastructure-agent,...

CVE-2023-49290 vulnerabilities

Vulnerabilities for packages: gitsign, kubescape, vexctl, tekton-chains, falco, falcoctl, falcoctl-fips, cosign-fips...

CVE-2023-49290 vulnerabilities

Vulnerabilities for packages: gitsign, falco, falcoctl, vexctl, kubescape, tekton-chains...

GHSA-XWX5-5C9G-X68X vulnerabilities

Vulnerabilities for packages: istio-pilot-discovery, istio-operator, istio-pilot-agent, istio-cni...