105 matches found
Amazon Linux 2023 : soci-snapshotter (ALAS2023-2026-1884)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1884 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Parsing arbitrary HTML which is then rendered using Render can result in an...
Amazon Linux 2 : soci-snapshotter, --advisory ALAS2DOCKER-2026-131 (ALASDOCKER-2026-131)
The version of soci-snapshotter installed on the remote host is prior to 0.14.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-131 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-2568...
CLEANSTART-2026-VO11205 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27139, CVE-2026-27140, CVE-2026-27142, CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32283, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42506, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-9h8m-3fm2-qjrq, ghsa-f6x5-jh6r-wrfv, ghsa-hfvc-g4fc-pqhx, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.4.0-r1, 8.4.0-r2, 8.4.0-r3, 8.4.0-r4
Multiple security vulnerabilities affect the kubernetes-csi-external-snapshotter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-YK91867 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27139, CVE-2026-27140, CVE-2026-27142, CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32283, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42506, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-9h8m-3fm2-qjrq, ghsa-f6x5-jh6r-wrfv, ghsa-hfvc-g4fc-pqhx, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.4.0-r1, 8.4.0-r2, 8.4.0-r3, 8.4.0-r4
Multiple security vulnerabilities affect the kubernetes-csi-external-snapshotter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-RQ86436 Security fixes for CVE-2026-25679, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27139, CVE-2026-27140, CVE-2026-27142, CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42506, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-f6x5-jh6r-wrfv, ghsa-hfvc-g4fc-pqhx, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.5.0-r0, 8.5.0-r1, 8.5.0-r2, 8.5.0-r3
Multiple security vulnerabilities affect the kubernetes-csi-external-snapshotter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
Amazon Linux 2 : soci-snapshotter, --advisory ALAS2DOCKER-2026-123 (ALASDOCKER-2026-123)
The version of soci-snapshotter installed on the remote host is prior to 0.13.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-123 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C...
Amazon Linux 2 : soci-snapshotter, --advisory ALAS2DOCKER-2026-118 (ALASDOCKER-2026-118)
The version of soci-snapshotter installed on the remote host is prior to 0.13.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-118 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go...
CVE-2026-46680 vulnerabilities
Vulnerabilities for packages: rancher, gogatekeeper, neuvector-scanner, envoy-gateway, kubescape, tigera-operator, rancher-agent, xeol, helm-push, wolfictl, tw, docker, scorecard, spegel, ctop, opa-envoy, cluster-api-helm-controller, kubescape-operator, k8ssandra-client, docker-compose,...
CVE-2026-46680 vulnerabilities
Vulnerabilities for packages: kubevela, packer-fips, zarf-fips, xeol, osv-scanner, rancher, k9s-fips, containerd-fips, grype-db, neuvector-scanner, trivy-fips, fuse-overlayfs-snapshotter, livekit-cli, cloudbeat, kubescape-operator, manifest-tool, kubescape-operator-fips, neuvector-fips, k8sgpt,...
Amazon Linux 2 : soci-snapshotter, --advisory ALAS2DOCKER-2026-107 (ALASDOCKER-2026-107)
"The version of soci-snapshotter installed on the remote host is prior to 0.13.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-107 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs...
Amazon Linux 2023 : soci-snapshotter (ALAS2023-2026-1573)
"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1573 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir o...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, grpcurl, kube-vip, lazydocker, modelmesh-runtime-adapter, sftpgo-plugin-geoipfilter, pulumi-language-yaml, snyk-cli, rancher-fleet, sriov-network-device-plugin, xeol, certificate-transparency, k8ssandra-operator, caddy,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: terraform-provider-pagerduty-fips, gcp-compute-persistent-disk-csi-driver-fips, kube-fluentd-operator, langfuse-fips, prometheus-elasticsearch-exporter-fips, redpanda, esbuild, policy-bot, spire-server, ipfs-cluster-fips, minc, spire-controller-manager-fips,...
CLEANSTART-2026-LC01167 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.4.0-r1, 8.4.0-r2
Multiple security vulnerabilities affect the kubernetes-csi-external-snapshotter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-WM95952 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.5.0-r0, 8.5.0-r1
Multiple security vulnerabilities affect the kubernetes-csi-external-snapshotter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
OESA-2026-1599 kata-containers-go security update
This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a contain...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, modelmesh-runtime-adapter, sftpgo-plugin-geoipfilter, snyk-cli, pulumi-language-yaml, terragrunt, sriov-network-device-plugin, crossplane-provider-aws-s3, ksops, crossplane-provider-aws-eks, crossplane-provider-aws-kms, src,...
GHSA-J3GX-2473-5FP8 vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, configmap-reload, croc, nri-cassandra, crossplane-provider-aws-s3, crossplane-provider-aws-eks, src, k8ssandra-operator, openbao-k8s, thanos, authservice, neuvector-dbgen, docker-compose, telegraf, cluster-autoscaler,...
CVE-2026-27142 vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, modelmesh-runtime-adapter, sftpgo-plugin-geoipfilter, snyk-cli, pulumi-language-yaml, terragrunt, sriov-network-device-plugin, crossplane-provider-aws-s3, ksops, crossplane-provider-aws-eks, crossplane-provider-aws-kms, src,...
CVE-2026-27139 vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, configmap-reload, croc, crossplane-provider-aws-s3, crossplane-provider-aws-eks, src, k8ssandra-operator, openbao-k8s, thanos, authservice, neuvector-dbgen, renovate, docker-compose, telegraf, cluster-autoscaler, kube-arangodb,...