25 matches found
GHSA-PJCQ-XVWQ-HHPJ vulnerabilities
Vulnerabilities for packages: trufflehog, dex, cert-manager, yunikorn-k8shim, terraform, cert-manager-istio-csr, seaweedfs, gitea, percona-server-mongodb-operator, rancher, kyverno-notation-aws, grafana, rancher-agent, minio, spqr, telegraf, zot, ratify, xeol, rclone, sftpgo-plugin-auth,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: trufflehog, dex, cert-manager, yunikorn-k8shim, terraform, cert-manager-istio-csr, seaweedfs, gitea, percona-server-mongodb-operator, rancher, kyverno-notation-aws, grafana, rancher-agent, minio, spqr, telegraf, zot, ratify, xeol, rclone, sftpgo-plugin-auth,...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: databricks-cli-fips, kubescape-operator-fips, gitlab-rails-ce, cerbos-fips, sftpgo-plugin-auth, json-exporter-fips, karma-fips, memcached-exporter-fips, rancher-agent, crossplane-provider-aws-lambda-fips, eck-operator, newrelic-infrastructure-agent, elastic-agent,...
GHSA-FW7P-63QQ-7HPR vulnerabilities
Vulnerabilities for packages: aactl, kine, spire-server, dex, dbmate, terragrunt, trufflehog, step-kms-plugin, flux-kustomize-controller, dgraph, temporal, trillian, ksops, seaweedfs, gitea, sftpgo-plugin-eventstore, sops, tailscale, croc, cerbos, rekor, sqlexporter, grafana-alloy, minio,...
CVE-2025-11065 vulnerabilities
Vulnerabilities for packages: kyverno, datadog-agent, rancher-security-scan, jitsucom-bulker, beats-fips, gitlab-cng, gitlab-runner-fips, tkn-fips, kyverno-notation-aws-fips, grafana, boring-registry-fips, datadog-agent-fips, docker-compose-fips, zitadel, elastic-agent-fips, istio-fips,...
CVE-2026-23991 vulnerabilities
Vulnerabilities for packages: aactl, spire-server, goreleaser, buildkitd, cosign, crossplane, policy-controller, kyverno-notation-aws, rekor, trivy, vexctl, zot, trivy-operator, ratify, zarf, falcoctl, slsa-verifier, skaffold, tekton-chains, gitsign, flux-source-controller, docker, teleport,...
GHSA-846P-JG2W-W324 vulnerabilities
Vulnerabilities for packages: aactl, spire-server, goreleaser, buildkitd, cosign, crossplane, policy-controller, kyverno-notation-aws, rekor, trivy, vexctl, zot, trivy-operator, ratify, zarf, falcoctl, slsa-verifier, skaffold, tekton-chains, gitsign, flux-source-controller, docker, teleport,...
CVE-2026-23992 vulnerabilities
Vulnerabilities for packages: aactl, spire-server, goreleaser, buildkitd, cosign, crossplane, policy-controller, kyverno-notation-aws, rekor, trivy, vexctl, zot, trivy-operator, ratify, zarf, falcoctl, slsa-verifier, skaffold, tekton-chains, gitsign, flux-source-controller, docker, teleport,...
GHSA-FPHV-W9FQ-2525 vulnerabilities
Vulnerabilities for packages: aactl, spire-server, goreleaser, buildkitd, cosign, crossplane, policy-controller, kyverno-notation-aws, rekor, trivy, vexctl, zot, trivy-operator, ratify, zarf, falcoctl, slsa-verifier, skaffold, tekton-chains, gitsign, flux-source-controller, docker, teleport,...
GHSA-FPHV-W9FQ-2525 vulnerabilities
Vulnerabilities for packages: flux-source-controller, buildkitd, cosign, image-factory-fips, cosign-fips, kyverno, gitsign, tekton-chains, tflint, zot, ratify, crossplane, policy-controller-fips, skaffold-fips, vexctl, kyverno-policy-reporter-plugins-kyverno, falcoctl, teleport, rekor,...
GHSA-846P-JG2W-W324 vulnerabilities
Vulnerabilities for packages: flux-source-controller, buildkitd, cosign, image-factory-fips, cosign-fips, kyverno, gitsign, tekton-chains, tflint, zot, ratify, crossplane, policy-controller-fips, skaffold-fips, vexctl, kyverno-policy-reporter-plugins-kyverno, falcoctl, teleport, rekor,...
CVE-2026-23991 vulnerabilities
Vulnerabilities for packages: flux-source-controller, buildkitd, cosign, image-factory-fips, cosign-fips, kyverno, gitsign, tekton-chains, tflint, zot, ratify, crossplane, policy-controller-fips, skaffold-fips, vexctl, kyverno-policy-reporter-plugins-kyverno, falcoctl, teleport, rekor,...
CVE-2026-23992 vulnerabilities
Vulnerabilities for packages: flux-source-controller, buildkitd, cosign, image-factory-fips, cosign-fips, kyverno, gitsign, tekton-chains, tflint, zot, ratify, crossplane, policy-controller-fips, skaffold-fips, vexctl, kyverno-policy-reporter-plugins-kyverno, falcoctl, teleport, rekor,...
GHSA-8PJC-487G-W6P2 vulnerabilities
Vulnerabilities for packages: step-kms-plugin, cert-manager, buildkitd, polaris, nri-nginx, thanos-operator, aws-eks-pod-identity-agent, nri-consul, chart-testing, zot, hubble, bom, harbor-registry, delve, rclone, falcoctl, flux-operator, dive, harbor-cli, cluster-api-azure-controller, gobuster,...
SUSE CVE-2025-27403
Ratify is a verification engine as a binary executable and on Kubernetes which enables verification of artifact security metadata and admits for deployment only those that comply with policies the user creates. In a Kubernetes environment, Ratify can be configured to authenticate to a private Azu...
CVE-2025-27403
Ratify is a verification engine as a binary executable and on Kubernetes which enables verification of artifact security metadata and admits for deployment only those that comply with policies the user creates. In a Kubernetes environment, Ratify can be configured to authenticate to a private Azu...
GO-2025-3511 Ratify Azure authentication providers can leak authentication tokens to non-Azure container registries in github.com/deislabs/ratify
Ratify Azure authentication providers can leak authentication tokens to non-Azure container registries in github.com/deislabs/ratify...
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Overview: Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere due to the improper validation of target registry domains during the token exchange process. An attacker can extract and misuse authentication tokens by directin...
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Overview: Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere due to the improper validation of target registry domains during the token exchange process. An attacker can extract and misuse authentication tokens by directin...
CVE-2025-27403
Ratify is a verification engine as a binary executable and on Kubernetes which enables verification of artifact security metadata and admits for deployment only those that comply with policies the user creates. In a Kubernetes environment, Ratify can be configured to authenticate to a private Azu...