319 matches found
CVE-2025-55198 vulnerabilities
Vulnerabilities for packages: flux-helm-controller, helm-operator, consul-k8s, zarf, istio, pluto, helm-push, linkerd2, headlamp, nova, zot, k8ssandra-client, harbor, helm-mapkubeapis, cilium-cli, trivy-operator, k9s, trivy, envoy-gateway, flux-source-controller, kube-arangodb, cert-manager-cmctl...
GHSA-F9F8-9PMF-XV68 vulnerabilities
Vulnerabilities for packages: flux-helm-controller, helm-operator, consul-k8s, zarf, istio, pluto, helm-push, linkerd2, headlamp, nova, zot, k8ssandra-client, harbor, helm-mapkubeapis, cilium-cli, trivy-operator, k9s, trivy, envoy-gateway, flux-source-controller, kube-arangodb, cert-manager-cmctl...
GHSA-9H84-QMV7-982P vulnerabilities
Vulnerabilities for packages: flux-helm-controller, helm-operator, consul-k8s, zarf, istio, tw, pluto, helm-push, linkerd2, headlamp, nova, zot, k8ssandra-client, harbor, helm-mapkubeapis, cilium-cli, trivy-operator, k9s, trivy, envoy-gateway, flux-source-controller, kube-arangodb,...
OPENSUSE-SU-2025:15184-1 pluto-5.21.7-1.1 on GA media
These are all security issues fixed in the pluto-5.21.7-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2024-32973
Pluto is a superset of Lua 5.4 with a focus on general-purpose programming. In affected versions an attacker with the ability to actively intercept network traffic would be able to use a specifically-crafted certificate to fool Pluto into trusting it to be the intended remote for the TLS session...
CVE-2021-36739
The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting (XSS) attacks...
CVE-2021-36737
The input fields of the Apache Pluto UrlTestPortlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the v3-demo-portlet.war artifact...
CVE-2021-36738
The input fields in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the applicant-mvcbean-cdi-jsp-portlet.war artifact...
CVE-2025-32387 vulnerabilities
Vulnerabilities for packages: flux-helm-controller, helm-operator, consul-k8s, zarf, tw, pluto, helm-push, zot, k8ssandra-client, cilium-cli, k9s, trivy, flux-source-controller, cert-manager-cmctl, chartmuseum, eksctl, chart-testing, flux, kots, kubescape, rancher-helm, teleport,...
GHSA-4HFP-H4CW-HJ8P vulnerabilities
Vulnerabilities for packages: flux-helm-controller, helm-operator, consul-k8s, zarf, tw, pluto, helm-push, zot, k8ssandra-client, cilium-cli, k9s, trivy, flux-source-controller, cert-manager-cmctl, chartmuseum, eksctl, chart-testing, flux, kots, kubescape, rancher-helm, teleport,...
CVE-2025-32386 vulnerabilities
Vulnerabilities for packages: flux-helm-controller, helm-operator, consul-k8s, zarf, tw, pluto, helm-push, zot, k8ssandra-client, cilium-cli, k9s, trivy, flux-source-controller, cert-manager-cmctl, chartmuseum, eksctl, chart-testing, flux, kots, kubescape, rancher-helm, teleport,...
GHSA-5XQW-8HWV-WG92 vulnerabilities
Vulnerabilities for packages: flux-helm-controller, helm-operator, consul-k8s, zarf, tw, pluto, helm-push, zot, k8ssandra-client, cilium-cli, k9s, trivy, flux-source-controller, cert-manager-cmctl, chartmuseum, eksctl, chart-testing, flux, kots, kubescape, rancher-helm, teleport,...
libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart
A NULL pointer dereference vulnerability was found in the Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the...
libreswan: Invalid IKEv1 Quick Mode ID causes restart
A NULL pointer dereference flaw was found in Libreswan when processing IKEv1 Quick Mode requests. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, it triggers a NULL pointer dereference error. This flaw allows a malicious client or...
libreswan: Invalid IKEv2 REKEY proposal causes restart
An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALID_SPI is sent back. The notify payload's protocol ID is copied from...
libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux
A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...
libreswan: Invalid IKEv2 REKEY proposal causes restart
An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALID_SPI is sent back. The notify payload's protocol ID is copied from...
libreswan: Invalid IKEv1 Quick Mode ID causes restart
A NULL pointer dereference flaw was found in Libreswan when processing IKEv1 Quick Mode requests. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, it triggers a NULL pointer dereference error. This flaw allows a malicious client or...
libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart
A NULL pointer dereference vulnerability was found in the Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the...
libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart
A NULL pointer dereference vulnerability was found in the Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the...