135 matches found
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: telegraf, policy-controller, melange, rancher-agent, flux-source-controller, flux-notification-controller, caddy, act, gh, gitea, pulumi-language-dotnet, step-issuer, ko, syft, cilium, docker-machine-driver-harvester, buildkitd, glab, sops, gptscript, docker,...
SUSE SLES15 Security Update : terraform-provider-local, terraform-provider-null (SUSE-SU-2026:2484-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2484-1 advisory. This update for terraform-provider-local, terraform-provider-null fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infini...
GHSA-5WRP-CWCJ-Q835 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-snapshotter-fips, crossplane-provider-azure-resources, fluent-operator-fips, aactl, terraform-provider-acme, chainctl, kubescape-server-fips, spegel-fips, fleet-server, flux-fips, livekit-cli, gatekeeper, neuvector-scanner, litestream,...
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-snapshotter-fips, crossplane-provider-azure-resources, fluent-operator-fips, aactl, terraform-provider-acme, chainctl, kubescape-server-fips, spegel-fips, fleet-server, flux-fips, livekit-cli, gatekeeper, neuvector-scanner, litestream,...
SUSE SLES15: terraform-provider-local / terraform-provider-null / etc (SUSE-SU-2026:1411-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1411-1 advisory. This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue...
Security update for terraform-provider-local, terraform-provider-random, terraform-provider-tls
This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue: CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files can lead to the consumption of corrupted files bsc1258097...
SUSE-SU-2026:1411-1 Security update for terraform-provider-local, terraform-provider-random, terraform-provider-tls
This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue: - CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files that can lead to the consumption of corrupted files...
CVE-2026-27140 vulnerabilities
Vulnerabilities for packages: go-jsonnet, tofu-controller, kube-vip, kubernetes-csi-external-resizer, metacontroller, crane, terraform-mcp-server, harbor-scanner-trivy, nri-haproxy, helm-mapkubeapis, victoriametrics, nova, coredns, rancher-fleet, oras, syft, wgcf, kubebuilder, logstash-exporter,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: tofu-controller, kube-vip, kubernetes-csi-external-resizer, metacontroller, crane, terraform-mcp-server, harbor-scanner-trivy, nri-haproxy, helm-mapkubeapis, victoriametrics, nova, coredns, rancher-fleet, oras, syft, wgcf, kubebuilder, logstash-exporter, cilium,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: tofu-controller, kube-vip, kubernetes-csi-external-resizer, metacontroller, crane, terraform-mcp-server, harbor-scanner-trivy, nri-haproxy, helm-mapkubeapis, victoriametrics, nova, coredns, rancher-fleet, oras, syft, wgcf, kubebuilder, logstash-exporter, cilium,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: migrate, telegraf, tofu-controller, cloud-provider-vsphere, kube-state-metrics, kube-vip, policy-controller, spqr, volume-modifier-for-k8s, kubernetes-csi-external-resizer, rancher-agent, rclone, flux-source-controller, datadog-agent, flux-notification-controller,...
CVE-2026-32280 vulnerabilities
Vulnerabilities for packages: kubectx, kubernetes-csi-external-snapshotter-fips, aactl, gobuster, pvc-autoresizer-fips, fuse-overlayfs-snapshotter, caddy, helm-exporter-fips, prometheus-postgres-exporter, dragonfly-operator-fips, mattermost-fips, qemu-guesthelper, kubescape-server-fips,...
GHSA-GJVH-7JH8-7XHM vulnerabilities
Vulnerabilities for packages: kubectx, kubernetes-csi-external-snapshotter-fips, aactl, gobuster, pvc-autoresizer-fips, fuse-overlayfs-snapshotter, caddy, helm-exporter-fips, prometheus-postgres-exporter, dragonfly-operator-fips, mattermost-fips, qemu-guesthelper, kubescape-server-fips,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: kubectx, kubernetes-csi-external-snapshotter-fips, aactl, gobuster, pvc-autoresizer-fips, fuse-overlayfs-snapshotter, caddy, helm-exporter-fips, prometheus-postgres-exporter, dragonfly-operator-fips, mattermost-fips, qemu-guesthelper, kubescape-server-fips,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: kubectx, kubernetes-csi-external-snapshotter-fips, aactl, gobuster, pvc-autoresizer-fips, fuse-overlayfs-snapshotter, caddy, helm-exporter-fips, prometheus-postgres-exporter, dragonfly-operator-fips, mattermost-fips, qemu-guesthelper, kubescape-server-fips,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: caddy, prometheus-postgres-exporter, kubescape-server-fips, protoc-gen-connect-go, polaris-fips, azuredisk-csi, gitleaks, flux-fips, protoc-gen-go-grpc, gpu-operator-fips, amazon-cloudwatch-agent, cloudnative-pg-fips, gatekeeper, mcp-grafana, aws-sigv4-proxy-fips,...
GHSA-HFVC-G4FC-PQHX vulnerabilities
Vulnerabilities for packages: migrate, cloud-provider-gcp-cloud-controller-manager, telegraf, cloud-provider-vsphere, kube-state-metrics, policy-controller, openfga, melange, kubernetes-csi-external-resizer, consul-k8s, helm-operator, rancher-agent, ratify, flux-source-controller, datadog-agent,...
GO-2026-4737 Terraform Provider for ArgoCD has possible exposure to GO-2026-4337 / CVE-2025-68121 in github.com/argoproj-labs/terraform-provider-argocd
Terraform Provider for ArgoCD has possible exposure to GO-2026-4337 / CVE-2025-68121 in github.com/argoproj-labs/terraform-provider-argocd...
Terraform Provider for ArgoCD has possible exposure to GO-2026-4337 / CVE-2025-68121
Summary The terraform-provider-argocd might have been vulnerable to GO-2026-4337 / CVE-2025-68121 "Unexpected session resumption in crypto/tls". Details See https://pkg.go.dev/vuln/GO-2026-4337 for the upstream vulnerability. Provider versions starting with v7.15.1 are using go 1.25.8 for buildin...
GHSA-594F-3595-C47V Terraform Provider for ArgoCD has possible exposure to GO-2026-4337 / CVE-2025-68121
Summary The terraform-provider-argocd might have been vulnerable to GO-2026-4337 / CVE-2025-68121 "Unexpected session resumption in crypto/tls". Details See https://pkg.go.dev/vuln/GO-2026-4337 for the upstream vulnerability. Provider versions starting with v7.15.1 are using go 1.25.8 for buildin...