Lucene search
+L

54 matches found

wolfi
wolfi
added 2026/07/01 8:21 p.m.15 views

CVE-2026-49478 vulnerabilities

Vulnerabilities for packages: flux-source-controller, kyverno, aactl, falcoctl, buildah, gitsign, undock, kyverno-notation-aws, witness, zarf, kubescape, tekton-chains, podman, skopeo, slsa-verifier, kots, ratify...

6.1AI score
Exploits0
wolfi
wolfi
added 2026/07/01 8:21 p.m.18 views

GHSA-F5MR-Q85P-6HH6 vulnerabilities

Vulnerabilities for packages: flux-source-controller, kyverno, aactl, falcoctl, buildah, gitsign, undock, kyverno-notation-aws, witness, zarf, kubescape, tekton-chains, podman, skopeo, slsa-verifier, kots, ratify...

6.1AI score
Exploits0
cgr
cgr
added 2026/07/01 2:16 p.m.7 views

GHSA-F5MR-Q85P-6HH6 vulnerabilities

Vulnerabilities for packages: podman, ratify, buildah, gitsign, kots, falcoctl, flux-source-controller-fips, witness, buildah-fips, aactl, tekton-chains, skopeo-fips, skopeo, flux-source-controller, kubescape-server, kyverno, zarf, kubescape, podman-fips, prometheus-podman-exporter-fips,...

6.1AI score
Exploits0
cgr
cgr
added 2026/07/01 2:16 p.m.6 views

CVE-2026-49478 vulnerabilities

Vulnerabilities for packages: podman, ratify, buildah, gitsign, kots, falcoctl, flux-source-controller-fips, witness, buildah-fips, aactl, tekton-chains, skopeo-fips, skopeo, flux-source-controller, kubescape-server, kyverno, zarf, kubescape, podman-fips, prometheus-podman-exporter-fips,...

6.1AI score
Exploits0
cgr
cgr
added 2026/06/26 8:22 p.m.4 views

GHSA-X527-X647-Q7GG vulnerabilities

Vulnerabilities for packages: external-secrets-operator-fips, kots, argo-cd-fips, frankenphp-8.3, flux-source-controller-fips, gitea-fips, flux, spire-server, tigera-operator, knative-eventing-fips, aactl, coder, opentofu, zitadel, commercial-grafana, prometheus, flux-fips, omnictl-multiarch,...

6.1AI score
Exploits0
cgr
cgr
added 2026/06/26 8:22 p.m.7 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: external-secrets-operator-fips, buildah, crossplane-provider-azure-synapse, gh, kots, argo-cd-fips, falcoctl, frankenphp-8.3, flux-source-controller-fips, ko-fips, chezmoi, gitea-fips, flux, spire-server, tigera-operator, knative-eventing-fips,...

6.1AI score
Exploits0
cgr
cgr
added 2026/06/26 8:22 p.m.8 views

GHSA-45GG-VH54-H5M9 vulnerabilities

Vulnerabilities for packages: external-secrets-operator-fips, kots, argo-cd-fips, frankenphp-8.3, flux-source-controller-fips, gitea-fips, flux, spire-server, tigera-operator, knative-eventing-fips, aactl, coder, opentofu, zitadel, commercial-grafana, prometheus, flux-fips, omnictl-multiarch,...

6.1AI score
Exploits0
cgr
cgr
added 2026/06/26 8:22 p.m.7 views

GHSA-78MQ-XCR3-XM33 vulnerabilities

Vulnerabilities for packages: external-secrets-operator-fips, kots, argo-cd-fips, frankenphp-8.3, flux-source-controller-fips, chezmoi, gitea-fips, flux, spire-server, tigera-operator, knative-eventing-fips, nuclei, aactl, syft-fips, grype-fips, dagger, opentofu, zitadel, commercial-grafana,...

6.1AI score
Exploits0
cgr
cgr
added 2026/06/26 8:22 p.m.6 views

GHSA-QPW4-5X99-6VJP vulnerabilities

Vulnerabilities for packages: external-secrets-operator-fips, gh, kots, argo-cd-fips, frankenphp-8.3, flux-source-controller-fips, chezmoi, gitea-fips, flux, spire-server, tigera-operator, knative-eventing-fips, nuclei, aactl, syft-fips, grype-fips, coder, dagger, opentofu, zitadel,...

6.1AI score
Exploits0
wolfi
wolfi
added 2026/06/26 8:22 p.m.9 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: chisel, grype, gitea, flux, kubescape, zot, helm, argocd-image-updater, syft, pulumi-language-yaml, docker-cli-buildx, external-dns, cert-manager, pulumi-language-java, mods, kots, flux-source-controller, gatus, flux-image-automation-controller, kubernetes, kargo,...

6.1AI score
Exploits0
osv
osv
added 2026/06/05 4:32 p.m.4 views

GHSA-JJRM-HR5F-673X Source controller: Improper path handling allows traversal

Impact An actor with the ability to influence the contents of a bucket referenced by a Bucket resource can cause source-controller to write fetched object data to paths outside the per-reconciliation working directory. The corruption surface is bounded by source-controller's own and downstream Fl...

5.3CVSS5.6AI score0.00052EPSS
Exploits0References4
github
github
added 2026/06/05 4:32 p.m.15 views

Source controller: Improper path handling allows traversal

Impact An actor with the ability to influence the contents of a bucket referenced by a Bucket resource can cause source-controller to write fetched object data to paths outside the per-reconciliation working directory. The corruption surface is bounded by source-controller's own and downstream Fl...

5.6AI score0.00052EPSS
Exploits0References4Affected Software1
ptsecurity
ptsecurity
added 2026/06/05 12:0 a.m.15 views

PT-2026-47088

Name of the Vulnerable Software and Affected Versions source-controller versions prior to 1.8.5 Description Improper path handling allows for path traversal in two scenarios. First, an actor capable of influencing the contents of a bucket referenced by a Bucket resource can force the...

5.3CVSS5.9AI score0.00052EPSS
Exploits0References6
cnnvd
cnnvd
added 2026/06/01 12:0 a.m.13 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability arises from trusting the xappid field in the trust E42 message without binding it to the sender’s SCTP association. As a result, remote...

7.5CVSS5.4AI score0.0057EPSS
Exploits1References3
wolfi
wolfi
added 2026/05/12 7:48 a.m.17 views

GHSA-389R-GV7P-R3RP vulnerabilities

Vulnerabilities for packages: rancher-fleet, external-secrets-operator, grype, nfpm, gitea, flux, xeol, zarf, kubescape, grafana-alloy, zot, syft, gitlab-runner, argocd-image-updater, trivy-operator, wolfictl, gitaly, apko, kubevela, src-fingerprint, crossplane, bom, tfsec, steampipe,...

6.1AI score
Exploits0
cgr
cgr
added 2026/05/12 7:19 a.m.35 views

CVE-2026-45022 vulnerabilities

Vulnerabilities for packages: external-secrets-operator-fips, kots, argo-cd-fips, gitea-fips, flux, nuclei, syft-fips, grype-fips, coder, dagger, grafana, tfsec, packer-fips, flux-fips, grafana-alloy-fips, terragrunt, gitlab-rails-ce, zarf-fips, kyverno-fips, k9s-fips, grafana-alloy, gitaly,...

7.5CVSS6.1AI score0.00159EPSS
Exploits0
wolfi
wolfi
added 2026/05/09 7:48 p.m.20 views

GHSA-PMWQ-PJRM-6P5R vulnerabilities

Vulnerabilities for packages: docker-compose, kyverno-notation-aws, zarf, kubescape, zot, trivy-operator, gitlab-runner, slsa-verifier, gh, tkn, aactl, docker-cli-buildx, crossplane, bom, tekton-chains, dagger, flux-source-controller, trivy, spire-server, goreleaser, buildkitd, ko,...

6.1AI score
Exploits0
cgr
cgr
added 2026/05/09 7:17 p.m.14 views

GHSA-PMWQ-PJRM-6P5R vulnerabilities

Vulnerabilities for packages: gh, falcoctl, ko-fips, flux-source-controller-fips, spire-server, chainloop-control-plane, aactl, tekton-chains, dagger, kyverno-notation-aws, docker-compose-fips, zarf-fips, policy-controller-fips, kyverno-fips, slsa-verifier, kyverno-notation-aws-fips, tflint,...

6.1AI score
Exploits0
wolfi
wolfi
added 2026/04/17 1:48 a.m.14 views

CVE-2026-39984 vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws, sigstore-scaffolding, zarf, kubescape, zot, trivy-operator, slsa-verifier, gh, tkn, aactl, docker-cli-buildx, crossplane, tekton-chains, flux-source-controller, trivy, spire-server, goreleaser, buildkitd, ko, policy-controller, teleport, vexctl,...

5.5CVSS7AI score0.00099EPSS
Exploits0
wolfi
wolfi
added 2026/04/17 1:48 a.m.14 views

GHSA-XM5M-WGH2-RRG3 vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws, sigstore-scaffolding, zarf, kubescape, zot, trivy-operator, slsa-verifier, gh, tkn, aactl, docker-cli-buildx, crossplane, tekton-chains, flux-source-controller, trivy, spire-server, goreleaser, buildkitd, ko, policy-controller, teleport, vexctl,...

6.1AI score
Exploits0
Rows per page
Query Builder