Lucene search
K

54 matches found

Wolfi
Wolfi
added yesterday3 views

GHSA-F5MR-Q85P-6HH6 vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws, kubescape, tekton-chains, aactl, skopeo, gitsign, undock, zarf, kyverno, witness, flux-source-controller, podman...

5.8AI score
Exploits0
Wolfi
Wolfi
added yesterday3 views

CVE-2026-49478 vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws, kubescape, tekton-chains, aactl, skopeo, gitsign, undock, zarf, kyverno, witness, flux-source-controller, podman...

5.8AI score
Exploits0
Chainguard
Chainguard
added yesterday2 views

GHSA-F5MR-Q85P-6HH6 vulnerabilities

Vulnerabilities for packages: flux-source-controller, podman, prometheus-podman-exporter-fips, podman-fips, portieris-fips, kyverno-notation-aws-fips, kyverno, chainctl-fips, skopeo, kubescape-server, aactl, gitsign, zarf-fips, undock, buildah-fips, kyverno-fips, falcoctl-fips,...

5.8AI score
Exploits0
Chainguard
Chainguard
added yesterday3 views

CVE-2026-49478 vulnerabilities

Vulnerabilities for packages: flux-source-controller, podman, prometheus-podman-exporter-fips, podman-fips, portieris-fips, kyverno-notation-aws-fips, kyverno, chainctl-fips, skopeo, kubescape-server, aactl, gitsign, zarf-fips, undock, buildah-fips, kyverno-fips, falcoctl-fips,...

5.8AI score
Exploits0
Chainguard
Chainguard
added 6 days ago4 views

GHSA-X527-X647-Q7GG vulnerabilities

Vulnerabilities for packages: seaweedfs-rocksdb-fips, frankenphp-8.5, osv-scanner, containerd, cloud-provider-aws, prometheus-operator, telegraf, gitlab-workhorse-ce-fips, k9s-fips, kubescape-server, trivy-operator, knative-kafka-broker, coder-fips, aactl, drone, k3s, calico-fips, zarf-fips,...

5.8AI score
Exploits0
Chainguard
Chainguard
added 6 days ago4 views

GHSA-45GG-VH54-H5M9 vulnerabilities

Vulnerabilities for packages: seaweedfs-rocksdb-fips, frankenphp-8.5, osv-scanner, containerd, cloud-provider-aws, prometheus-operator, telegraf, gitlab-workhorse-ce-fips, k9s-fips, kubescape-server, trivy-operator, knative-kafka-broker, coder-fips, aactl, drone, k3s, calico-fips, zarf-fips,...

5.8AI score
Exploits0
Chainguard
Chainguard
added 6 days ago4 views

GHSA-78MQ-XCR3-XM33 vulnerabilities

Vulnerabilities for packages: terragrunt, amazon-ssm-agent, podman, pulumi, wolfictl, grype-db, prometheus-podman-exporter-fips, podman-fips, pulumi-kubernetes-operator, frankenphp-8.5, osv-scanner, containerd, cloud-provider-aws, prometheus-operator, telegraf, gitlab-workhorse-ce-fips, k9s-fips,...

5.8AI score
Exploits0
Chainguard
Chainguard
added 6 days ago3 views

GHSA-QPW4-5X99-6VJP vulnerabilities

Vulnerabilities for packages: seaweedfs-rocksdb-fips, terragrunt, amazon-ssm-agent, podman, pulumi, wolfictl, peerdb-flow, grype-db, prometheus-podman-exporter-fips, podman-fips, pulumi-kubernetes-operator, frankenphp-8.5, osv-scanner, containerd, cloud-provider-aws, prometheus-operator, telegraf...

5.8AI score
Exploits0
Chainguard
Chainguard
added 6 days ago4 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure-network, seaweedfs-rocksdb-fips, terraform-provider-azurerm, crossplane-provider-azure-servicefabric, terragrunt, amazon-ssm-agent, crossplane-provider-azure-servicelinker, podman, pulumi, wolfictl, peerdb-flow, grype-db,...

5.8AI score
Exploits0
Wolfi
Wolfi
added 6 days ago6 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: pulumi-kubernetes-operator, rootlesskit, gomplate, opentelemetry-collector, loki, pulumi, grype, chisel, pulumi-language-yaml, docker-cli-buildx, flux-kustomize-controller, policy-controller, eksctl, glab, kargo, tekton-chains, gitea, minio, kaf, ko, atlantis, kyvern...

5.8AI score
Exploits0
OSV
OSV
added 2026/06/05 4:32 p.m.3 views

GHSA-JJRM-HR5F-673X Source controller: Improper path handling allows traversal

Impact An actor with the ability to influence the contents of a bucket referenced by a Bucket resource can cause source-controller to write fetched object data to paths outside the per-reconciliation working directory. The corruption surface is bounded by source-controller's own and downstream Fl...

5.3CVSS5.6AI score0.00052EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/05 4:32 p.m.13 views

Source controller: Improper path handling allows traversal

Impact An actor with the ability to influence the contents of a bucket referenced by a Bucket resource can cause source-controller to write fetched object data to paths outside the per-reconciliation working directory. The corruption surface is bounded by source-controller's own and downstream Fl...

5.6AI score0.00052EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.10 views

PT-2026-47088

Name of the Vulnerable Software and Affected Versions source-controller versions prior to 1.8.5 Description Improper path handling allows for path traversal in two scenarios. First, an actor capable of influencing the contents of a bucket referenced by a Bucket resource can force the...

5.3CVSS5.9AI score0.00052EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability arises from trusting the xappid field in the trust E42 message without binding it to the sender’s SCTP association. As a result, remote...

7.5CVSS5.4AI score0.0057EPSS
Exploits1References3
Wolfi
Wolfi
added 2026/05/12 7:48 a.m.13 views

GHSA-389R-GV7P-R3RP vulnerabilities

Vulnerabilities for packages: osv-scanner, pulumi-kubernetes-operator, dagger, gomplate, grafana-alloy, grafana, teleport, flux-source-controller, pulumi, grype, xeol, trufflehog, argo-workflows, nfpm, syft, trivy, argo-cd, pulumi-language-yaml, kaniko, apko, bom, gitaly, steampipe, skaffold, zar...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/05/12 7:19 a.m.33 views

CVE-2026-45022 vulnerabilities

Vulnerabilities for packages: argo-workflows, terragrunt, amazon-ssm-agent, wolfictl, pulumi, grype-db, pulumi-kubernetes-operator, osv-scanner, bom, k9s-fips, kubescape-server, trivy-operator, coder-fips, gitaly, grafana-alloy-fips, zarf-fips, gitea-fips, kyverno-fips, kaniko, scorecard,...

7.5CVSS5.8AI score0.00159EPSS
Exploits0
Wolfi
Wolfi
added 2026/05/09 7:48 p.m.17 views

GHSA-PMWQ-PJRM-6P5R vulnerabilities

Vulnerabilities for packages: cosign, dagger, docker, ratify, slsa-verifier, flux-source-controller, teleport, tkn, rekor, trivy, vexctl, docker-cli-buildx, bom, policy-controller, zarf, skaffold, kyverno-notation-aws, trivy-operator, tekton-chains, aactl, gitsign, ko, kyverno, buildkitd, guac,...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/05/09 7:17 p.m.8 views

GHSA-PMWQ-PJRM-6P5R vulnerabilities

Vulnerabilities for packages: bom, kubescape-server, trivy-operator, docker-cli-buildx, cosign, chainloop-control-plane, aactl, spire-server-fips, docker-compose, chainloop-control-plane-fips, zarf-fips, kyverno-fips, buildkitd-fips, kyverno-notation-aws, tekton-chains-fips, goreleaser,...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/04/17 1:48 a.m.11 views

CVE-2026-39984 vulnerabilities

Vulnerabilities for packages: cosign, docker, teleport, flux-source-controller, tkn, trivy, vexctl, docker-cli-buildx, policy-controller, zarf, skaffold, kyverno-notation-aws, trivy-operator, tekton-chains, aactl, gitsign, ko, kyverno, witness, sigstore-scaffolding, buildkitd, kubescape, zot, gh,...

5.5CVSS7.1AI score0.00099EPSS
Exploits0
Wolfi
Wolfi
added 2026/04/17 1:48 a.m.14 views

GHSA-XM5M-WGH2-RRG3 vulnerabilities

Vulnerabilities for packages: cosign, docker, teleport, flux-source-controller, tkn, trivy, vexctl, docker-cli-buildx, policy-controller, zarf, skaffold, kyverno-notation-aws, trivy-operator, tekton-chains, aactl, gitsign, ko, kyverno, witness, sigstore-scaffolding, buildkitd, kubescape, zot, gh,...

5.8AI score
Exploits0
Rows per page
Query Builder