44 matches found
CVE-2025-32387 vulnerabilities
Vulnerabilities for packages: teleport, kots, consul-k8s, cluster-api-helm-controller, rancher-helm, kubescape, cilium-cli, trivy, chartmuseum, zot, chart-testing, zarf, k8ssandra-client, helm-operator, helm-push, cert-manager-cmctl, eksctl, tw, flux-helm-controller, flux-source-controller, k9s,...
GHSA-4HFP-H4CW-HJ8P vulnerabilities
Vulnerabilities for packages: teleport, kots, consul-k8s, cluster-api-helm-controller, rancher-helm, kubescape, cilium-cli, trivy, chartmuseum, zot, chart-testing, zarf, k8ssandra-client, helm-operator, helm-push, cert-manager-cmctl, eksctl, tw, flux-helm-controller, flux-source-controller, k9s,...
CVE-2025-32386 vulnerabilities
Vulnerabilities for packages: teleport, kots, consul-k8s, cluster-api-helm-controller, rancher-helm, kubescape, cilium-cli, trivy, chartmuseum, zot, chart-testing, zarf, k8ssandra-client, helm-operator, helm-push, cert-manager-cmctl, eksctl, tw, flux-helm-controller, flux-source-controller, k9s,...
GHSA-5XQW-8HWV-WG92 vulnerabilities
Vulnerabilities for packages: teleport, kots, consul-k8s, cluster-api-helm-controller, rancher-helm, kubescape, cilium-cli, trivy, chartmuseum, zot, chart-testing, zarf, k8ssandra-client, helm-operator, helm-push, cert-manager-cmctl, eksctl, tw, flux-helm-controller, flux-source-controller, k9s,...
GHSA-265R-HFXG-FHMG vulnerabilities
Vulnerabilities for packages: skaffold, gatekeeper, teleport, kaniko, osv-scanner, ctop, spegel, kots, consul-k8s, cluster-api-helm-controller, kubescape, cilium-cli, dagger, trivy, xeol, chartmuseum, zot, k8ssandra-client, wolfictl, helm-operator, helm-push, grype, neuvector-scanner,...
CVE-2024-40635 vulnerabilities
Vulnerabilities for packages: envoy-gateway-fips, cert-manager-cmctl, kots, flux-helm-controller-fips, chartmuseum, ctop, buildkitd, datadog-agent-fips, docker-compose-fips, eksctl, beats, cluster-api-helm-controller-fips, consul-k8s-fips, kubevela, zot, gatekeeper, newrelic-infrastructure-agent,...
GHSA-265R-HFXG-FHMG vulnerabilities
Vulnerabilities for packages: envoy-gateway-fips, cert-manager-cmctl, kots, flux-helm-controller-fips, chartmuseum, ctop, buildkitd, datadog-agent-fips, docker-compose-fips, eksctl, beats, cluster-api-helm-controller-fips, consul-k8s-fips, kubevela, zot, gatekeeper, newrelic-infrastructure-agent,...
CVE-2024-35255 vulnerabilities
Vulnerabilities for packages: teleport, opentelemetry-collector, falcoctl, sqlpad, rekor, fulcio, hugo, chezmoi, prometheus-operator, trino, kubescape, tempo, trivy, policy-controller, argo-workflows, py3-azure-identity, zot, velero, boring-registry, opentelemetry-collector-contrib, grafana-mimir...
GO-2024-2859 source-controller leaks Azure Storage SAS token into logs in github.com/fluxcd/source-controller
source-controller leaks Azure Storage SAS token into logs in github.com/fluxcd/source-controller...
CVE-2024-31216 source-controller leaks theAzure Storage SAS token into logs on connection errors
The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, OCI, Helm repositories and S3-compatible buckets. The source-controller implements the source.toolkit.fluxcd.io API and is a core component of the GitOps toolkit. Prior to versi...
CVE-2024-31216 source-controller leaks theAzure Storage SAS token into logs on connection errors
The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, OCI, Helm repositories and S3-compatible buckets. The source-controller implements the source.toolkit.fluxcd.io API and is a core component of the GitOps toolkit. Prior to versi...
CVE-2024-31216 source-controller leaks theAzure Storage SAS token into logs on connection errors
The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, OCI, Helm repositories and S3-compatible buckets. The source-controller implements the source.toolkit.fluxcd.io API and is a core component of the GitOps toolkit. Prior to versi...
Source controller 安全漏洞
Source controller is a component of the Flux project. A security vulnerability exists in source-controller versions prior to 1.2.5. An attacker can exploit this vulnerability to gain access to Azure Blob Storage...
GHSA-R53H-JV2G-VPX6 vulnerabilities
Vulnerabilities for packages: helm-push, cert-manager-fips, zarf, kubescape, cert-manager, up, zot, k8sgpt, k9s, helm-operator, kots, cilium-cli, trivy, kubevela, flux-helm-controller, eksctl, flux-source-controller, chartmuseum...
GHSA-V53G-5GJP-272R vulnerabilities
Vulnerabilities for packages: k9s, up, eksctl, helm-operator, helm-push, k8sgpt, kots, flux-helm-controller, kubevela, kubescape, cilium-cli, zot, trivy, chartmuseum, flux-source-controller, zarf...
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: helm-push, cert-manager-fips, zarf, kubescape, cert-manager, up, zot, k8sgpt, k9s, helm-operator, kots, cilium-cli, trivy, kubevela, flux-helm-controller, eksctl, flux-source-controller, chartmuseum...
GHSA-VFP6-JRW2-99G9 vulnerabilities
Vulnerabilities for packages: apko, tkn, ko, skaffold, slsa-verifier, kubescape, tekton-chains, falco, cosign, melange, aactl, falcoctl-fips, spire-server-fips, spire-server, policy-controller, flux-source-controller...
CVE-2023-46737 vulnerabilities
Vulnerabilities for packages: apko, tkn, ko, skaffold, slsa-verifier, kubescape, tekton-chains, falco, cosign, melange, aactl, falcoctl-fips, spire-server-fips, spire-server, policy-controller, flux-source-controller...
GHSA-JQ35-85CJ-FJ4P vulnerabilities
Vulnerabilities for packages: bom, scorecard, falco, falcoctl-fips, spire-server-fips, chartmuseum, paranoia, k3s, ctop, slsa-verifier, kubescape, up, k3d, rancher-agent, skaffold, tekton-chains, aactl, cert-manager, kpt...
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: scorecard, kubeflow, up, slsa-verifier, falco, src, spark-operator, aactl, dgraph, buildkitd, ipfs, terraform-provider-sendgrid, kubevela, kubescape, k3d, prometheus-blackbox-exporter, cortex...