17 matches found
CLEANSTART-2026-CK42797 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-1229, CVE-2026-25679, CVE-2026-25934, CVE-2026-27139, CVE-2026-27142, ghsa-37cx-329c-33x3 applied in versions: 0.18.0-r1, 1.16.0-r0
Multiple security vulnerabilities affect the pulumi-kubernetes-operator package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: hydra, witness, terragrunt, crossplane-provider-family-aws, datadog-agent, helm-push, xeol, crossplane-provider-aws-sns, argo-events, crossplane-provider-aws-kinesis, pulumi-language-dotnet, flux-kustomize-controller, gitaly, syft, kubevela, ratify, boring-registry,...
GHSA-Q9HV-HPM4-HJ6X vulnerabilities
Vulnerabilities for packages: hydra, witness, terragrunt, crossplane-provider-family-aws, datadog-agent, helm-push, xeol, crossplane-provider-aws-sns, argo-events, crossplane-provider-aws-kinesis, pulumi-language-dotnet, flux-kustomize-controller, gitaly, syft, kubevela, ratify, boring-registry,...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: omnictl-multiarch-fips, argo-rollouts, cert-manager-cmctl-fips, packer, terraform-provider-azurerm, tfsec, boring-registry-fips, crossplane-provider-keycloak, trivy, gitlab-runner-fips, nuclei, crossplane-provider-aws-ec2, crossplane-provider-aws-elasticache-fips,...
CVE-2023-49569 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, go-licenses, nuclei, src-fingerprint, goreleaser, gitsign, scorecard, gitness, bom...
CVE-2023-49569 vulnerabilities
Vulnerabilities for packages: src-fingerprint, gitsign, goreleaser, gitness, pulumi-kubernetes-operator, nuclei, scorecard, go-licenses, bom...
GHSA-449P-3H89-PW88 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, go-licenses, nuclei, src-fingerprint, goreleaser, gitsign, scorecard, gitness, bom...
GHSA-449P-3H89-PW88 vulnerabilities
Vulnerabilities for packages: src-fingerprint, gitsign, goreleaser, gitness, pulumi-kubernetes-operator, nuclei, scorecard, go-licenses, bom...
GHSA-9763-4F94-GFCH vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-lambda, kaniko, flux-image-automation-controller, crossplane-provider-aws-cloudformation, opentofu, pulumi-language-java, skaffold, wolfictl, spire-server-fips, terraform-provider-google, flux-notification-controller,...
GHSA-3F2Q-6294-FMQ5 vulnerabilities
Vulnerabilities for packages: melange, argo-workflows, pulumi-kubernetes-operator, flux-notification-controller, task, argo-events, argo-events-fips, snyk-cli...
GHSA-3F2Q-6294-FMQ5 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, snyk-cli, argo-events, melange, flux-notification-controller, task, argo-workflows...
CVE-2023-46402 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, snyk-cli, argo-events, melange, flux-notification-controller, task, argo-workflows...
CVE-2023-46402 vulnerabilities
Vulnerabilities for packages: melange, argo-workflows, pulumi-kubernetes-operator, flux-notification-controller, task, argo-events, argo-events-fips, snyk-cli...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: metrics-server-fips, dgraph, timestamp-authority-fips, terraform-provider-sendgrid-fips, spark-operator, kubescape, kubevela, kubeflow-fips, terraform-provider-sendgrid, falco, prometheus-blackbox-exporter, dynamic-localpv-provisioner-fips, aws-efs-csi-driver-fips,...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: src, falco, cortex, up, slsa-verifier, terraform-provider-sendgrid, buildkitd, k3d, spark-operator, aactl, kubeflow, kubevela, kubescape, dgraph, scorecard, prometheus-blackbox-exporter...
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: k8sgpt-operator, kube-logging-logging-operator, nfs-subdir-external-provisioner-fips, kubeflow-katib, falcoctl, trust-manager, cue, ollama, prometheus-postgres-exporter, k3s, grpcurl, kubescape, flux, gitness, aws-efs-csi-driver-fips, kaf, src, metrics-server,...
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: nghttp2, nginx-stable, spark-operator, grpcurl, metacontroller, node-problem-detector, oauth2-proxy, pulumi-language-dotnet, flux-kustomize-controller, kubevela, kubewatch, buildkitd, flux-helm-controller, kpt, prometheus-blackbox-exporter, kaf, haproxy-ingress, hugo...