11 matches found
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: flux, pluto, flux-image-reflector-controller, malcontent, oras, supercronic, dbmate, goreleaser, temporal, stakater-reloader, secrets-store-csi-driver-provider-aws, nova, hubble, polaris, external-secrets-operator, flux-image-automation-controller, flux-operator,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: kpt, prometheus-blackbox-exporter, aws-efs-csi-driver, dbmate, grafana-agent-operator, manifest-tool, ko, knative-eventing, terraform-provider-pagerduty, kubernetes-csi-node-driver-registrar, maru, php-fpmexporter, influx, pgpool2exporter, go,...
CLEANSTART-2026-NV36169 Security fixes for CVE-2025-61732, CVE-2025-66564, CVE-2025-68121, CVE-2026-24686, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, ghsa-fcv2-xgw5-pqxf applied in versions: 0.7.29-r1, 0.7.29-r2
Multiple security vulnerabilities affect the sigstore-scaffolding package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-27142 vulnerabilities
Vulnerabilities for packages: kpt, prometheus-blackbox-exporter, bank-vaults, crossplane-provider-aws-memorydb, openfga, trino, kube-fluentd-operator, falco-no-driver, crossplane-provider-aws-iam, tflint, prometheus-alertmanager, terraform-provider-tls, cluster-api-gcp-controller,...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: kpt, prometheus-blackbox-exporter, bank-vaults, crossplane-provider-aws-memorydb, openfga, trino, kube-fluentd-operator, falco-no-driver, crossplane-provider-aws-iam, tflint, prometheus-alertmanager, terraform-provider-tls, cluster-api-gcp-controller,...
GHSA-J3GX-2473-5FP8 vulnerabilities
Vulnerabilities for packages: kpt, prometheus-blackbox-exporter, crossplane-provider-aws-memorydb, cluster-api-gcp-controller, knative-eventing, terraform-provider-pagerduty, kubernetes-csi-node-driver-registrar, rabbitmq-cluster-operator, maru, php-fpmexporter, influx, pgpool2exporter, go,...
CVE-2026-25679 vulnerabilities
Vulnerabilities for packages: kpt, prometheus-blackbox-exporter, crossplane-provider-aws-memorydb, cluster-api-gcp-controller, knative-eventing, terraform-provider-pagerduty, kubernetes-csi-node-driver-registrar, rabbitmq-cluster-operator, maru, php-fpmexporter, influx, pgpool2exporter, go,...
CVE-2024-35255 vulnerabilities
Vulnerabilities for packages: flux, guac, bank-vaults, flux-image-reflector-controller, step-ca, sqlpad, trino, py3-cassandra-medusa, buildkitd, py3-azure-identity, falcoctl, goreleaser, grafana-agent-operator, hugo-extended, airflow, cosign, timestamp-authority, velero, zarf, thanos,...
CVE-2024-28180 vulnerabilities
Vulnerabilities for packages: guac, bank-vaults, step-ca, kubernetes-dashboard, weaviate, falcoctl, goreleaser, temporal, timestamp-authority, zarf, cosign, minio, ko, skopeo, oauth2-proxy, skaffold, step, apko, kots, spire-server, wolfictl, sops, zot, terragrunt, policy-controller, slsa-verifier...
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: nats, vexctl, aws-load-balancer-controller-fips, kubernetes-dashboard-fips, vault-k8s, hubble-ui, flux-helm-controller, haproxy-ingress, crossplane-provider-aws-eks, prometheus-bind-exporter, pulumi-kubernetes-operator, docker-compose, aactl,...
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: kpt, prometheus-blackbox-exporter, aws-efs-csi-driver, ko, pulumi-language-yaml, nginx-mainline, kaf, hey, flux-notification-controller, sigstore-scaffolding, terraform-provider-azurerm, node-problem-detector, nats, aactl, flux-source-controller,...