26 matches found
CVE-2026-48702 vulnerabilities
Vulnerabilities for packages: kubescape, kyverno-fips, policy-controller-fips, neuvector-sigstore-interface, tbot, trivy-operator, gitsign, cloudbeat-fips, slsa-verifier, ratify-fips, spire-server-fips, crossplane, ko-fips, tflint, trivy-operator-fips, zarf, crossplane-fips, falcoctl-fips, kyvern...
GHSA-47Q9-M4WW-924M vulnerabilities
Vulnerabilities for packages: kubescape, kyverno-fips, policy-controller-fips, neuvector-sigstore-interface, tbot, trivy-operator, gitsign, cloudbeat-fips, slsa-verifier, ratify-fips, spire-server-fips, crossplane, ko-fips, tflint, trivy-operator-fips, zarf, crossplane-fips, falcoctl-fips, kyvern...
GHSA-47Q9-M4WW-924M vulnerabilities
Vulnerabilities for packages: teleport, ko, gitsign, slsa-verifier, zarf, spire-server, tkn, kubescape, crossplane, neuvector-sigstore-interface, kyverno, kyverno-notation-aws, ratify, tflint, falcoctl, trivy-operator...
CVE-2026-48702 vulnerabilities
Vulnerabilities for packages: teleport, ko, gitsign, slsa-verifier, zarf, spire-server, tkn, kubescape, crossplane, neuvector-sigstore-interface, kyverno, kyverno-notation-aws, ratify, tflint, falcoctl, trivy-operator...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: skaffold, sops, vault-benchmark, wolfictl, cluster-api-azure-controller, cert-manager, minio, tflint, ko, buildah, opentelemetry-collector, crossplane-provider-family-azure, nerdctl, rancher, rootlesskit, cosign, cilium, gitea, knative-serving, mattermost, kyverno,...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: nemo, dive, azuredisk-csi-fips, mesosphere-vsphere-csi-fips, rclone, rke2-runtime, karpenter-fips, crossplane, kubevela-fips, kubernetes-csi-driver-nfs, sonobuoy-fips, grafana-fips, vault-csi-provider, net-kourier, aws-load-balancer-controller-fips, falco-no-driver,...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: nemo, dive, azuredisk-csi-fips, mesosphere-vsphere-csi-fips, rclone, rke2-runtime, karpenter-fips, crossplane, kubevela-fips, kubernetes-csi-driver-nfs, sonobuoy-fips, grafana-fips, vault-csi-provider, net-kourier, aws-load-balancer-controller-fips, falco-no-driver,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: nginx-prometheus-exporter, node-problem-detector-fips, knative-kafka-broker, fixuid, flux-image-reflector-controller, go-md2man, hugo, litmus-chaos-operator-fips, gomplate-fips, dex-fips, chronyexporter-fips, flux-source-controller-fips, virt-handler-fips,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: cue-fips, kubebuilder, nginx-prometheus-exporter, nemo, node-problem-detector-fips, crossplane-provider-aws-wafv2, mongo-tools, dive, azuredisk-csi-fips, volume-modifier-for-k8s, grafana-pyroscope, crossplane-provider-sql, bank-vaults-fips, eks-distro-fips,...
CVE-2026-22772 vulnerabilities
Vulnerabilities for packages: falco-no-driver, gitsign, slsa-verifier, witness, zarf, kubescape, kots, skopeo, vexctl, aactl, sigstore-scaffolding, tekton-chains, falcoctl, cosign...
GHSA-59JP-PJ84-45MR vulnerabilities
Vulnerabilities for packages: falco-no-driver, gitsign, slsa-verifier, witness, zarf, kubescape, kots, skopeo, vexctl, aactl, sigstore-scaffolding, tekton-chains, falcoctl, cosign...
CVE-2026-22772 vulnerabilities
Vulnerabilities for packages: kubescape, cosign, chainctl, kyverno-policy-reporter-plugins-kyverno-fips, gitsign, slsa-verifier, vexctl, witness, zarf, falcoctl-fips, aactl, skopeo, kots, tekton-chains, podman-fips, falco-no-driver, sigstore-scaffolding, sigstore-scaffolding-fips, image-factory,...
GHSA-3WHM-J4XM-RV8X vulnerabilities
Vulnerabilities for packages: coredns, vault-benchmark, terraform, gke-gcloud-auth-plugin, minio, ko, elvish, buildah, kuberlr, kube-fluentd-operator, prometheus-blackbox-exporter, nri-consul, kyverno-policy-reporter, cosign, nri-couchbase, cloudnative-pg, velero, protoc-gen-go-grpc,...
GHSA-4F8R-QQR9-FQ8J vulnerabilities
Vulnerabilities for packages: gitsign, trivy, gh, rekor, vexctl, wolfictl, apko, spire-server, kubescape, sigstore-scaffolding, cosign, slsa-verifier, zarf, tkn, zot, tekton-chains, policy-controller, falcoctl, aactl, neuvector-sigstore-interface...
CVE-2024-47534 vulnerabilities
Vulnerabilities for packages: gitsign, trivy, gh, rekor, vexctl, wolfictl, apko, spire-server, kubescape, sigstore-scaffolding, cosign, slsa-verifier, zarf, tkn, zot, tekton-chains, policy-controller, falcoctl, aactl, neuvector-sigstore-interface...
CVE-2024-45395 vulnerabilities
Vulnerabilities for packages: slsa-verifier, cosign-fips, cosign, gh...
CVE-2024-45395 vulnerabilities
Vulnerabilities for packages: slsa-verifier, cosign, gh...
GHSA-CQ38-JH5F-37MQ vulnerabilities
Vulnerabilities for packages: slsa-verifier, cosign-fips, cosign, gh...
GHSA-CQ38-JH5F-37MQ vulnerabilities
Vulnerabilities for packages: slsa-verifier, cosign, gh...
GO-2023-2188 slsa-verifier vulnerable to mproper validation of npm's publish attestations in github.com/slsa-framework/slsa-verifier
slsa-verifier vulnerable to mproper validation of npm's publish attestations in github.com/slsa-framework/slsa-verifier...