17 matches found
CLEANSTART-2026-CK42797 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-1229, CVE-2026-25679, CVE-2026-25934, CVE-2026-27139, CVE-2026-27142, ghsa-37cx-329c-33x3 applied in versions: 0.18.0-r1, 1.16.0-r0
Multiple security vulnerabilities affect the pulumi-kubernetes-operator package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-Q9HV-HPM4-HJ6X vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-s3, k9s, crossplane-provider-family-azure, osv-scanner, cert-manager-cmctl, crossplane-provider-azure-managedidentity, gitsign, lazygit, crossplane-provider-aws-memorydb, crossplane-provider-keycloak, flux-kustomize-controller,...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-s3, k9s, crossplane-provider-family-azure, osv-scanner, cert-manager-cmctl, crossplane-provider-azure-managedidentity, gitsign, lazygit, crossplane-provider-aws-memorydb, crossplane-provider-keycloak, flux-kustomize-controller,...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: aactl, ratify, crossplane-provider-aws-cloudfront-fips, argo-cd-fips, cilium-cli, crossplane-provider-aws-lambda-fips, crossplane-provider-aws-cloudwatchlogs-fips, crossplane-provider-aws-lambda, docker-fips, external-secrets-operator-fips, flux-fips, gptscript, cg,...
CVE-2023-49569 vulnerabilities
Vulnerabilities for packages: go-licenses, goreleaser, nuclei, gitsign, src-fingerprint, gitness, bom, scorecard, pulumi-kubernetes-operator...
CVE-2023-49569 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, scorecard, bom, nuclei, src-fingerprint, go-licenses, goreleaser, gitness, gitsign...
GHSA-449P-3H89-PW88 vulnerabilities
Vulnerabilities for packages: go-licenses, goreleaser, nuclei, gitsign, src-fingerprint, gitness, bom, scorecard, pulumi-kubernetes-operator...
GHSA-449P-3H89-PW88 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, scorecard, bom, nuclei, src-fingerprint, go-licenses, goreleaser, gitness, gitsign...
GHSA-9763-4F94-GFCH vulnerabilities
Vulnerabilities for packages: aactl, slsa-verifier, scorecard, wolfictl, spire-server, crossplane-provider-aws-ec2, kaniko, crossplane-provider-aws-lambda, crossplane-provider-family-aws, flux-kustomize-controller, grype, gitness, crossplane, sops, vexctl, crossplane-provider-aws-route53, gitsign...
GHSA-3F2Q-6294-FMQ5 vulnerabilities
Vulnerabilities for packages: argo-events, task, argo-workflows, flux-notification-controller, melange, pulumi-kubernetes-operator, snyk-cli...
GHSA-3F2Q-6294-FMQ5 vulnerabilities
Vulnerabilities for packages: argo-events-fips, pulumi-kubernetes-operator, snyk-cli, argo-workflows, melange, task, argo-events, flux-notification-controller...
CVE-2023-46402 vulnerabilities
Vulnerabilities for packages: argo-events, task, argo-workflows, flux-notification-controller, melange, pulumi-kubernetes-operator, snyk-cli...
CVE-2023-46402 vulnerabilities
Vulnerabilities for packages: argo-events-fips, pulumi-kubernetes-operator, snyk-cli, argo-workflows, melange, task, argo-events, flux-notification-controller...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: aactl, k3d, prometheus-blackbox-exporter, spark-operator, falco, kubevela, terraform-provider-sendgrid, buildkitd, dgraph, slsa-verifier, src, scorecard, up, cortex, kubescape, kubeflow...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: aactl, slsa-verifier, scorecard, dgraph, bank-vaults-fips, spark-operator, conftest-fips, src, prometheus-stackdriver-exporter, kubernetes-csi-livenessprobe, timestamp-authority-fips, kiam, k3d, cluster-autoscaler-fips, dynamic-localpv-provisioner-fips,...
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: aactl, prometheus-mongodb-exporter-fips, nats, aws-load-balancer-controller-fips, bank-vaults-fips, trillian, thanos-operator, kubernetes-csi-livenessprobe, flux-kustomize-controller, stakater-reloader, aws-load-balancer-controller, aws-efs-csi-driver, gobuster,...
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: k3d, kind, coredns, secrets-store-csi-driver-provider-gcp, aws-efs-csi-driver, flux-kustomize-controller, haproxy-ingress, flux-notification-controller, node-problem-detector, mc, external-dns, kubeflow, flux-source-controller, metacontroller, flux-helm-controller,...