21 matches found
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: rabbitmq-messaging-topology-operator-fips, cluster-autoscaler-fips, gitaly, tofu-controller-fips, sriov-network-device-plugin, kine, istio, grafana-operator, mattermost, docker-cli, elastic-agent, tekton-pipelines-fips, aws-flb-kinesis, external-secrets-operator-fips...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: rabbitmq-messaging-topology-operator-fips, cluster-autoscaler-fips, gitaly, tofu-controller-fips, sriov-network-device-plugin, kine, istio, grafana-operator, mattermost, docker-cli, elastic-agent, tekton-pipelines-fips, aws-flb-kinesis, external-secrets-operator-fips...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: victoriametrics-operator, rabbitmq-messaging-topology-operator-fips, google-guest-agent-manager, q, databricks-cli, kube-vip-cloud-provider, fixuid, grafana-operator, mattermost, nri-apache, fzf, metrics-agent-fips, elastic-agent, apache-exporter,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: victoriametrics-operator, aws-nuke-fips, rabbitmq-messaging-topology-operator-fips, cluster-autoscaler-fips, google-guest-agent-manager, q, databricks-cli, eks-distro, cinder-csi-plugin-fips, victoriametrics-cluster, gitaly, custom-pod-autoscaler, mcp-grafana-fips,...
CVE-2026-22772 vulnerabilities
Vulnerabilities for packages: aactl, falcoctl, kots, cosign, tekton-chains, witness, zarf, vexctl, skopeo, gitsign, falco-no-driver, slsa-verifier, kubescape, sigstore-scaffolding...
GHSA-59JP-PJ84-45MR vulnerabilities
Vulnerabilities for packages: aactl, falcoctl, kots, cosign, tekton-chains, witness, zarf, vexctl, skopeo, gitsign, falco-no-driver, slsa-verifier, kubescape, sigstore-scaffolding...
CVE-2026-22772 vulnerabilities
Vulnerabilities for packages: kubescape, gitsign, kots, falcoctl-fips, falcoctl, podman-fips, chainctl, sigstore-scaffolding, witness, sigstore-scaffolding-fips, tekton-chains, kyverno-policy-reporter-plugins-kyverno-fips, flux-source-controller-fips, falco-no-driver, image-factory, cosign,...
GHSA-3WHM-J4XM-RV8X vulnerabilities
Vulnerabilities for packages: falcoctl, nri-elasticsearch, cni-plugins, vertical-pod-autoscaler, zot, kapp-controller, kpt, boring-registry, rancher-fleet, influx, rootlesskit, vault-benchmark, crossplane-provider-azure-managedidentity, pluto, kube-metrics-adapter, cluster-proportional-autoscaler...
GHSA-4F8R-QQR9-FQ8J vulnerabilities
Vulnerabilities for packages: falcoctl, tekton-chains, policy-controller, vexctl, gh, apko, zot, gitsign, rekor, wolfictl, kubescape, aactl, neuvector-sigstore-interface, zarf, tkn, slsa-verifier, sigstore-scaffolding, cosign, trivy, spire-server...
CVE-2024-47534 vulnerabilities
Vulnerabilities for packages: falcoctl, tekton-chains, policy-controller, vexctl, gh, apko, zot, gitsign, rekor, wolfictl, kubescape, aactl, neuvector-sigstore-interface, zarf, tkn, slsa-verifier, sigstore-scaffolding, cosign, trivy, spire-server...
CVE-2024-45395 vulnerabilities
Vulnerabilities for packages: gh, cosign-fips, slsa-verifier, cosign...
CVE-2024-45395 vulnerabilities
Vulnerabilities for packages: cosign, gh, slsa-verifier...
GHSA-CQ38-JH5F-37MQ vulnerabilities
Vulnerabilities for packages: cosign, gh, slsa-verifier...
GHSA-CQ38-JH5F-37MQ vulnerabilities
Vulnerabilities for packages: gh, cosign-fips, slsa-verifier, cosign...
GO-2023-2188 slsa-verifier vulnerable to mproper validation of npm's publish attestations in github.com/slsa-framework/slsa-verifier
slsa-verifier vulnerable to mproper validation of npm's publish attestations in github.com/slsa-framework/slsa-verifier...
GHSA-R2XV-VPR2-42M9 slsa-verifier vulnerable to mproper validation of npm's publish attestations
Summary slsa-verifier attestationstampered.json 5. SLSAVERIFIEREXPERIMENTAL=1 slsa-verifier verify-npm-package supreme-goggles.tgz --attestations-path attestationstampered.json --builder-id "https://github.com/actions/runner/github-hosted" --package-name "@trishankatdatadog/supreme-goggles"...
GHSA-JQ35-85CJ-FJ4P vulnerabilities
Vulnerabilities for packages: up, kubescape, cert-manager, bom, falcoctl-fips, k3d, rancher-agent, scorecard, ctop, spire-server-fips, kpt, tekton-chains, paranoia, skaffold, chartmuseum, k3s, slsa-verifier, falco, aactl...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: aactl, spark-operator, src, kubeflow, up, dgraph, k3d, falco, slsa-verifier, terraform-provider-sendgrid, ipfs, kubevela, cortex, scorecard, prometheus-blackbox-exporter, kubescape, buildkitd...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: up, kubescape, cluster-autoscaler-fips, falcoctl-fips, k3d, kubernetes-csi-livenessprobe-fips, scorecard, conftest-fips, kubeflow, cortex, vault-csi-provider, terraform-provider-sendgrid, src, kubernetes-csi-livenessprobe, dgraph, prometheus-blackbox-exporter,...
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: prometheus-postgres-exporter-fips, kubewatch, atlantis, cluster-autoscaler-fips, kots, falcoctl, wireguard-go, pulumi-language-yaml, bank-vaults, gomplate, flux-notification-controller, yq, crossplane-provider-aws, zot, kube-state-metrics-fips,...