17 matches found
CLEANSTART-2026-CK42797 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-1229, CVE-2026-25679, CVE-2026-25934, CVE-2026-27139, CVE-2026-27142, ghsa-37cx-329c-33x3 applied in versions: 0.18.0-r1, 1.16.0-r0
Multiple security vulnerabilities affect the pulumi-kubernetes-operator package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: witness, apko, scorecard, osv-scanner, crossplane-provider-aws-ec2, terraform-provider-azuread, crossplane-provider-aws-cloudwatchlogs, pulumi-kubernetes-operator, crossplane-provider-aws-cloudfront, terraform-provider-azurerm, buildkitd, grafana, helm-push, tfsec,...
GHSA-Q9HV-HPM4-HJ6X vulnerabilities
Vulnerabilities for packages: witness, apko, scorecard, osv-scanner, crossplane-provider-aws-ec2, terraform-provider-azuread, crossplane-provider-aws-cloudwatchlogs, pulumi-kubernetes-operator, crossplane-provider-aws-cloudfront, terraform-provider-azurerm, buildkitd, grafana, helm-push, tfsec,...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: gitea, argo-cd-fips, snyk-cli, kyverno-fips, crossplane-fips, lazygit, crossplane-provider-aws-memorydb, gitlab-runner-fips, melange, crossplane-provider-aws-efs-fips, crossplane-provider-azure-managedidentity, kubescape, omni, tekton-pipelines, apko-fips,...
CVE-2023-49569 vulnerabilities
Vulnerabilities for packages: bom, pulumi-kubernetes-operator, goreleaser, gitness, go-licenses, gitsign, scorecard, nuclei, src-fingerprint...
CVE-2023-49569 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, go-licenses, nuclei, gitness, gitsign, src-fingerprint, scorecard, goreleaser, bom...
GHSA-449P-3H89-PW88 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, go-licenses, nuclei, gitness, gitsign, src-fingerprint, scorecard, goreleaser, bom...
GHSA-449P-3H89-PW88 vulnerabilities
Vulnerabilities for packages: bom, pulumi-kubernetes-operator, goreleaser, gitness, go-licenses, gitsign, scorecard, nuclei, src-fingerprint...
GHSA-9763-4F94-GFCH vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, terraform-provider-google, aactl, slsa-verifier, crossplane-provider-aws-dynamodb, gitsign, crossplane-provider-aws-memorydb, syft, crossplane-provider-aws-eks, melange, crossplane-provider-aws-iam, crossplane-provider-aws-cloudfront,...
GHSA-3F2Q-6294-FMQ5 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, snyk-cli, task, argo-workflows, flux-notification-controller, melange, argo-events...
GHSA-3F2Q-6294-FMQ5 vulnerabilities
Vulnerabilities for packages: flux-notification-controller, argo-events-fips, pulumi-kubernetes-operator, snyk-cli, task, argo-events, melange, argo-workflows...
CVE-2023-46402 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, snyk-cli, task, argo-workflows, flux-notification-controller, melange, argo-events...
CVE-2023-46402 vulnerabilities
Vulnerabilities for packages: flux-notification-controller, argo-events-fips, pulumi-kubernetes-operator, snyk-cli, task, argo-events, melange, argo-workflows...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: falco, src, kubescape, dgraph, aactl, kubevela, prometheus-blackbox-exporter, terraform-provider-sendgrid, buildkitd, slsa-verifier, up, spark-operator, scorecard, kubeflow, cortex, k3d...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: terraform-provider-sendgrid, up, dgraph, aactl, conftest-fips, prometheus-stackdriver-exporter, slsa-verifier, smarter-device-manager-fips, kiam, terraform-provider-sendgrid-fips, kubescape, kubeflow-fips, falcoctl-fips, spark-operator,...
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: terraform-provider-sendgrid, crossplane-provider-azure, fuse-overlayfs-snapshotter, nfs-subdir-external-provisioner-fips, kiam, terraform-provider-sendgrid-fips, prometheus-mysqld-exporter, nfs-subdir-external-provisioner, kubescape, nri-prometheus, atlantis-fips,...
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: kind, fuse-overlayfs-snapshotter, prometheus-adapter, weaviate, scorecard, ko, stakater-reloader, pulumi-kubernetes-operator, terraform-provider-azurerm, buildkitd, kubewatch, nats, dgraph, gke-gcloud-auth-plugin, grype, flux-kustomize-controller, wireguard-go,...