26 matches found
GHSA-47Q9-M4WW-924M vulnerabilities
Vulnerabilities for packages: ratify, zarf, kubescape-server-fips, kyverno-notation-aws, kubescape-server, tekton-chains, kubescape, ratify-fips, cloudbeat, docker-fips, tkn, goreleaser, tekton-chains-fips, spire-server, trivy-operator-fips, aactl, gitsign, ko-fips, spire-server-fips,...
CVE-2026-48702 vulnerabilities
Vulnerabilities for packages: ratify, zarf, kubescape-server-fips, kyverno-notation-aws, kubescape-server, tekton-chains, kubescape, ratify-fips, cloudbeat, docker-fips, tkn, goreleaser, tekton-chains-fips, spire-server, trivy-operator-fips, aactl, gitsign, ko-fips, spire-server-fips,...
CVE-2026-48702 vulnerabilities
Vulnerabilities for packages: tflint, kubescape, teleport, neuvector-sigstore-interface, policy-controller, kyverno-notation-aws, falcoctl, tekton-chains, zarf, slsa-verifier, tkn, crossplane, trivy-operator, spire-server, gitsign, aactl, goreleaser, ko, ratify, kyverno...
GHSA-47Q9-M4WW-924M vulnerabilities
Vulnerabilities for packages: tflint, kubescape, teleport, neuvector-sigstore-interface, policy-controller, kyverno-notation-aws, falcoctl, tekton-chains, zarf, slsa-verifier, tkn, crossplane, trivy-operator, spire-server, gitsign, aactl, goreleaser, ko, ratify, kyverno...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: atlantis, flux-image-automation-controller, external-dns, pulumi-language-dotnet, flux-operator, witness, podman, kine, tekton-chains, flux-source-controller, zot, apko, sops, kaf, k8sgpt, cert-manager, loki, step, trivy-operator, kargo,...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: gitlab-kas-fips, kaf, tkn, aws-flb-cloudwatch, commercial-chainloop-cli, kbld, libnvidia-container, sonobuoy, commercial-grafana, kubernetes, crossplane, mesosphere-vsphere-csi-fips, ingress-nginx-controller, traefik-fips, xeol-fips, crossplane-fips, k9s-fips, task,...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: gitlab-kas-fips, kaf, tkn, aws-flb-cloudwatch, commercial-chainloop-cli, kbld, libnvidia-container, sonobuoy, commercial-grafana, kubernetes, crossplane, mesosphere-vsphere-csi-fips, ingress-nginx-controller, traefik-fips, xeol-fips, crossplane-fips, k9s-fips, task,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: yunikorn-web, cluster-api-provider-vsphere, nri-f5-fips, kubescape-http-request-fips, spire-controller-manager, commercial-grafana, emissary, cluster-api-ipam-provider-in-cluster, mesosphere-vsphere-csi-fips, step-issuer, prometheus-redis-exporter, crossplane-fips,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: harbor-scanner-trivy-fips, logstash-exporter, stern, nodetaint, onepassword-operator, yunikorn-web, cert-manager-csi-driver-fips, cluster-api-provider-vsphere, gitlab-kas-fips, nri-elasticsearch-fips, maru, percona-server-mongodb-operator,...
CVE-2026-22772 vulnerabilities
Vulnerabilities for packages: falcoctl, skopeo, sigstore-scaffolding, zarf, slsa-verifier, aactl, tekton-chains, kubescape, falco-no-driver, cosign, kots, vexctl, gitsign, witness, kyverno...
GHSA-59JP-PJ84-45MR vulnerabilities
Vulnerabilities for packages: falcoctl, skopeo, sigstore-scaffolding, zarf, slsa-verifier, aactl, tekton-chains, kubescape, falco-no-driver, cosign, kots, vexctl, gitsign, witness, kyverno...
CVE-2026-22772 vulnerabilities
Vulnerabilities for packages: zarf, podman-fips, kots, kyverno, tekton-chains, kubescape, flux-source-controller-fips, falco-no-driver, vexctl, aactl, gitsign, sigstore-scaffolding-fips, cosign, slsa-verifier, witness, falcoctl, skopeo, falcoctl-fips, sigstore-scaffolding, kyverno-fips,...
GHSA-3WHM-J4XM-RV8X vulnerabilities
Vulnerabilities for packages: atlantis, fq, nri-f5, pulumi-language-dotnet, cortex, nodetaint, dbmate, chartmuseum, kubernetes-ingress-defaultbackend, podman, vertical-pod-autoscaler, apko, boring-registry, yq, cloudnative-pg, sops, hugo, k8s-device-plugin, mkcert, kustomize, k8sgpt, loki, shfmt,...
GHSA-4F8R-QQR9-FQ8J vulnerabilities
Vulnerabilities for packages: sigstore-scaffolding, kubescape, neuvector-sigstore-interface, cosign, vexctl, policy-controller, falcoctl, tekton-chains, zot, apko, zarf, slsa-verifier, tkn, spire-server, gitsign, wolfictl, rekor, aactl, gh, trivy...
CVE-2024-47534 vulnerabilities
Vulnerabilities for packages: sigstore-scaffolding, kubescape, neuvector-sigstore-interface, cosign, vexctl, policy-controller, falcoctl, tekton-chains, zot, apko, zarf, slsa-verifier, tkn, spire-server, gitsign, wolfictl, rekor, aactl, gh, trivy...
CVE-2024-45395 vulnerabilities
Vulnerabilities for packages: cosign, gh, cosign-fips, slsa-verifier...
CVE-2024-45395 vulnerabilities
Vulnerabilities for packages: gh, cosign, slsa-verifier...
GHSA-CQ38-JH5F-37MQ vulnerabilities
Vulnerabilities for packages: cosign, gh, cosign-fips, slsa-verifier...
GHSA-CQ38-JH5F-37MQ vulnerabilities
Vulnerabilities for packages: gh, cosign, slsa-verifier...
GO-2023-2188 slsa-verifier vulnerable to mproper validation of npm's publish attestations in github.com/slsa-framework/slsa-verifier
slsa-verifier vulnerable to mproper validation of npm's publish attestations in github.com/slsa-framework/slsa-verifier...