CLEANSTART-2026-XZ04425 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the prometheus-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-LS08172 Within HostnameError

Multiple security vulnerabilities affect the prometheus-fips package. Within HostnameError. See references for individual vulnerability details...

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: argo-workflows, cert-manager-fips, falco, aactl, gitsign, istio-pilot-agent, kubevela, buildkitd, up, helm-operator-fips, flux-helm-controller, scorecard, cadvisor-fips, tekton-chains, zarf, cosign, crane, argo-workflows-fips, slsa-verifier, vexctl,...

CVE-2023-45286 vulnerabilities

Vulnerabilities for packages: rclone...

GHSA-JQ35-85CJ-FJ4P vulnerabilities

Vulnerabilities for packages: falco, rancher-agent, aactl, up, paranoia, scorecard, tekton-chains, slsa-verifier, cert-manager, k3s, chartmuseum, spire-server-fips, falcoctl-fips, ctop, kpt, skaffold, kubescape, bom, k3d...