Lucene search
K

22 matches found

Chainguard
Chainguard
added 2026/06/26 8:22 p.m.13 views

GHSA-Q4H4-GMJ2-QVW2 vulnerabilities

Vulnerabilities for packages: packer-fips, crossplane-provider-aws-networkmanager, crossplane-provider-aws-organizations, crossplane-provider-azure-signalrservice, spire-server, crossplane-provider-aws-elasticache-fips, grype-db, pulumi-kubernetes-operator, tflint, crossplane-provider-aws-route53...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.7 views

GHSA-RM3J-F69W-WQMQ vulnerabilities

Vulnerabilities for packages: packer-fips, crossplane-provider-aws-networkmanager, crossplane-provider-aws-organizations, crossplane-provider-azure-signalrservice, spire-server, crossplane-provider-aws-elasticache-fips, grype-db, pulumi-kubernetes-operator, tflint, crossplane-provider-aws-route53...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.16 views

GHSA-RM3J-F69W-WQMQ vulnerabilities

Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, crossplane-provider-aws-s3, ksops, crossplane-provider-aws-eks, crossplane-provider-aws-kms, gomplate, src, wolfictl, caddy, crossplane-provider-aws-lambda, crossplane-provider-aws-dynamodb, fulcio, docker-compose,...

6.1AI score
Exploits0
OSV
OSV
added 2026/06/08 1:40 p.m.17 views

CLEANSTART-2026-MI06133 Security fixes for CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27145, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42504, CVE-2026-42506, CVE-2026-42507, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598 applied in versions: 0.36.1-r0, 0.36.6-r0, 0.36.6-r1, 0.37.0-r0

Multiple security vulnerabilities affect the sealed-secrets package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS5.9AI score0.00939EPSS
Exploits0References81
OSV
OSV
added 2026/05/18 1:25 p.m.10 views

CLEANSTART-2026-AY89602 Security fixes for CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 0.36.1-r0, 0.36.6-r0

Multiple security vulnerabilities affect the sealed-secrets package. These issues are resolved in later releases. See references for individual vulnerability details...

8.8CVSS7.4AI score0.00813EPSS
Exploits0References35
OSV
OSV
added 2026/05/18 1:12 p.m.16 views

CLEANSTART-2026-MK07381 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 0.35.0-r0, 0.35.0-r1, 0.35.0-r2

Multiple security vulnerabilities affect the sealed-secrets package. These issues are resolved in later releases. See references for individual vulnerability details...

8.8CVSS7.2AI score0.00813EPSS
Exploits0References41
OSV
OSV
added 2026/04/14 12:44 a.m.8 views

CLEANSTART-2026-FH63386 When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint

Multiple security vulnerabilities affect the sealed-secrets package. When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. See references for individual vulnerability...

9.8CVSS7.3AI score0.00728EPSS
Exploits0References19
OSV
OSV
added 2026/04/14 12:43 a.m.11 views

CLEANSTART-2026-LK73694 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions

Multiple security vulnerabilities affect the sealed-secrets package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details...

9.8CVSS5.8AI score0.00621EPSS
Exploits0References13
OSV
OSV
added 2026/04/06 2:48 a.m.14 views

CLEANSTART-2026-DM62512 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 0.35.0-r0

Multiple security vulnerabilities affect the sealed-secrets package. These issues are resolved in later releases. See references for individual vulnerability details...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/03/25 11:52 a.m.3 views

SUSE CVE-2026-22728

Bitnami Sealed Secrets is vulnerable to a scope-widening attack during the secret rotation /v1/rotate flow. The rotation handler derives the sealing scope for the newly encrypted output from untrusted spec.template.metadata.annotations present in the input SealedSecret. By submitting a victim...

4.9CVSS5.9AI score0.00352EPSS
Exploits0References3
OSV
OSV
added 2026/03/10 6:28 p.m.5 views

GO-2026-4565 Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Cluster-Wide via Untrusted Template Annotations in github.com/bitnami-labs/sealed-secrets

Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Cluster-Wide via Untrusted Template Annotations in github.com/bitnami-labs/sealed-secrets...

4.9CVSS5.8AI score0.00352EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/27 4:13 a.m.4 views

CVE-2026-22728

Bitnami Sealed Secrets is vulnerable to a scope-widening attack during the secret rotation /v1/rotate flow. The rotation handler derives the sealing scope for the newly encrypted output from untrusted spec.template.metadata.annotations present in the input SealedSecret. By submitting a victim...

4.9CVSS5.5AI score0.00352EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/26 10:49 p.m.4 views

EUVD-2026-8795

Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Cluster-Wide via Untrusted Template Annotations...

4.9CVSS5.3AI score0.00352EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/02/26 10:49 p.m.8 views

Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Cluster-Wide via Untrusted Template Annotations

This report shows a scope-widening issue in the rotate re-encrypt flow: the output scope can be derived from untrusted spec.template.metadata.annotations on the input sealed secret. If a victim sealed secret is strict- or namespace-scoped, an attacker who can submit it to the rotate endpoint can...

4.9CVSS5.5AI score0.00352EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/02/26 2:16 a.m.8 views

CVE-2026-22728

Bitnami Sealed Secrets is vulnerable to a scope-widening attack during the secret rotation /v1/rotate flow. The rotation handler derives the sealing scope for the newly encrypted output from untrusted spec.template.metadata.annotations present in the input SealedSecret. By submitting a victim...

4.9CVSS0.00352EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/26 12:50 a.m.7 views

CVE-2026-22728

Bitnami Sealed Secrets is vulnerable to a scope-widening attack during the secret rotation /v1/rotate flow. The rotation handler derives the sealing scope for the newly encrypted output from untrusted spec.template.metadata.annotations present in the input SealedSecret. By submitting a victim...

4.9CVSS5.5AI score0.00352EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/02/26 12:50 a.m.25 views

CVE-2026-22728 sealed-secrets /v1/rotate can widen sealing scope to cluster-wide via attacker-controlled template annotations

Bitnami Sealed Secrets is vulnerable to a scope-widening attack during the secret rotation /v1/rotate flow. The rotation handler derives the sealing scope for the newly encrypted output from untrusted spec.template.metadata.annotations present in the input SealedSecret. By submitting a victim...

4.9CVSS0.00352EPSS
Exploits0References1
OSV
OSV
added 2026/02/26 12:50 a.m.4 views

CVE-2026-22728 sealed-secrets /v1/rotate can widen sealing scope to cluster-wide via attacker-controlled template annotations

Bitnami Sealed Secrets is vulnerable to a scope-widening attack during the secret rotation /v1/rotate flow. The rotation handler derives the sealing scope for the newly encrypted output from untrusted spec.template.metadata.annotations present in the input SealedSecret. By submitting a victim...

4.9CVSS7.2AI score0.00352EPSS
Exploits0References3
CVE
CVE
added 2026/02/26 12:50 a.m.34 views

CVE-2026-22728

CVE-2026-22728 concerns Bitnami Sealed Secrets during the secret rotation flow (/v1/rotate). The rotation process derives the new sealing scope from input SealedSecret metadata, and untrusted annotations in the template can widen the scope to cluster-wide (sealedsecrets.bitnami.com/cluster-wide=t...

4.9CVSS5.5AI score0.00352EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.5 views

PT-2026-22072

Name of the Vulnerable Software and Affected Versions Bitnami Sealed Secrets affected versions not specified Description Bitnami Sealed Secrets is susceptible to a scope-widening attack during the secret rotation process via the /v1/rotate API endpoint. The rotation handler uses untrusted data fr...

9.9CVSS6.9AI score0.22162EPSS
Exploits70References140
Rows per page
Query Builder