63 matches found
CLEANSTART-2026-XS86531 Security fixes for CVE-2025-47912, CVE-2025-58183, CVE-2025-58185, CVE-2025-58186, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-27139, CVE-2026-32282, CVE-2026-32288, CVE-2026-32289, CVE-2026-33186, CVE-2026-39817, CVE-2026-39819, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-42502, CVE-2026-42506, ghsa-p77j-4mvh-x3m3 applied in versions: 0.7.1-r0, 0.7.1-r1, 0.7.1-r2
Multiple security vulnerabilities affect the velero-plugin-for-csi package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-EY91394 Security fixes for CVE-2026-25679, CVE-2026-27140, CVE-2026-32280, CVE-2026-32281, CVE-2026-32283, CVE-2026-32289 applied in versions: 1.13.2-r0, 1.13.2-r1
Multiple security vulnerabilities affect the velero-plugin-for-microsoft-azure-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-CV84139 Security fixes for CVE-2026-25679, CVE-2026-27140, CVE-2026-32280, CVE-2026-32281, CVE-2026-32283, CVE-2026-32289 applied in versions: 1.13.1-r1, 1.13.2-r0, 1.13.2-r1
Multiple security vulnerabilities affect the velero-plugin-for-microsoft-azure-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-FY61868 Security fixes for CVE-2026-25679, CVE-2026-27140, CVE-2026-32280, CVE-2026-32281, CVE-2026-32283, CVE-2026-32289 applied in versions: 1.13.2-r0, 1.13.2-r1
Multiple security vulnerabilities affect the velero-plugin-for-microsoft-azure-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-SC97100 Security fixes for CVE-2026-25679, CVE-2026-27140, CVE-2026-32280, CVE-2026-32281, CVE-2026-32283, CVE-2026-32289 applied in versions: 1.13.1-r1, 1.13.2-r0, 1.13.2-r1
Multiple security vulnerabilities affect the velero-plugin-for-microsoft-azure-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-5WRP-CWCJ-Q835 vulnerabilities
Vulnerabilities for packages: velero, fluent-operator, cass-operator-fips-no-pvc-delete, aws-iam-authenticator-fips, amazon-eks-ami, kubernetes-csi-driver-nfs-fips, opentelemetry-ebpf-instrumentation-fips, secrets-store-csi-driver-provider-gcp, step-ca-fips, eck-operator-fips, traefik-fips, tbot,...
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: velero, fluent-operator, cass-operator-fips-no-pvc-delete, aws-iam-authenticator-fips, amazon-eks-ami, kubernetes-csi-driver-nfs-fips, opentelemetry-ebpf-instrumentation-fips, secrets-store-csi-driver-provider-gcp, step-ca-fips, eck-operator-fips, traefik-fips, tbot,...
CLEANSTART-2026-DX24417 Security fixes for CVE-2025-47912, CVE-2025-58183, CVE-2025-58185, CVE-2025-58186, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-27139, CVE-2026-32282, CVE-2026-32288, CVE-2026-32289, CVE-2026-33186, CVE-2026-39817, CVE-2026-39819, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-42502, CVE-2026-42506, ghsa-p77j-4mvh-x3m3 applied in versions: 0.7.1-r0, 0.7.1-r1, 0.7.1-r2
Multiple security vulnerabilities affect the velero-plugin-for-csi package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-XQ22308 Security fixes for CVE-2026-25679, CVE-2026-27140, CVE-2026-32280, CVE-2026-32281, CVE-2026-32283, CVE-2026-32289 applied in versions: 1.13.2-r0, 1.13.2-r1
Multiple security vulnerabilities affect the velero-plugin-for-microsoft-azure-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-ON25409 Security fixes for CVE-2026-25679, CVE-2026-27140, CVE-2026-32280, CVE-2026-32281, CVE-2026-32283, CVE-2026-32289 applied in versions: 1.13.1-r1, 1.13.2-r0, 1.13.2-r1
Multiple security vulnerabilities affect the velero-plugin-for-microsoft-azure-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-QO29688 Security fixes for CVE-2025-46394, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-58251, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-27142, CVE-2026-29181, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-34986, CVE-2026-35469, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-39883, CVE-2026-42499, ghsa-cgrx-mc8f-2prm, ghsa-m6hq-p25p-ffr2, ghsa-pwhc-rpq9-4c8w, ghsa-xmrv-pmrh-hhx2 applied in versions: 1.17.0-r0, 1.17.0-r1, 1.17.2-r0, 1.17.2-r2
Multiple security vulnerabilities affect the velero package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-GB83728 Security fixes for CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 1.14.0-r0, 1.14.0-r1, 1.14.0-r2
Multiple security vulnerabilities affect the velero-plugin-for-microsoft-azure-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-BS27946 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-35469, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-39883, CVE-2026-42499, CVE-2026-42501, ghsa-78h2-9frx-2jm8, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-pc3f-x583-g7j2, ghsa-xmrv-pmrh-hhx2 applied in versions: 1.16.2-r2, 1.17.2-r0, 1.17.2-r1, 1.18.0-r0, 1.18.0-r1, 1.18.0-r2, 1.18.0-r3
Multiple security vulnerabilities affect the velero-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-BN09969 Security fixes for CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-78h2-9frx-2jm8, ghsa-hfvc-g4fc-pqhx, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3 applied in versions: 1.14.0-r2
Multiple security vulnerabilities affect the velero-plugin-for-gcp-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
Security Bulletin: IBM App Connect Enterprise Certified Container backup and restore is vulnerable to authorization bypass (CVE-2026-33186)
Summary gRPC-Go is used by the IBM App Connect Enterprise Certified Container Velero image. IBM App Connect Enterprise Certified Container deployments that use Velero for backup and restore are vulnerable to authorization bypass. This bulletin provides patch information to address the reported...
CLEANSTART-2026-WL14185 spdystream is a Go library for multiplexing streams over SPDY connections
Multiple security vulnerabilities affect the velero-fips package. spdystream is a Go library for multiplexing streams over SPDY connections. See references for individual vulnerability details...
CLEANSTART-2026-VN02574 spdystream is a Go library for multiplexing streams over SPDY connections
Multiple security vulnerabilities affect the velero-fips package. spdystream is a Go library for multiplexing streams over SPDY connections. See references for individual vulnerability details...
GHSA-PC3F-X583-G7J2 vulnerabilities
Vulnerabilities for packages: rancher-fleet, verticadb-operator, k3s, cert-manager-istio-csr, kiali, gitlab-kas, aws-node-termination-handler, sonobuoy, kubescape, jitsucom-bulker, trivy-operator, trivy, dynamic-localpv-provisioner, infinispan-operator, kube-arangodb, envoy-gateway, rancher-agent...
CVE-2026-35469 vulnerabilities
Vulnerabilities for packages: rancher-fleet, verticadb-operator, k3s, cert-manager-istio-csr, kiali, gitlab-kas, aws-node-termination-handler, sonobuoy, kubescape, jitsucom-bulker, trivy-operator, trivy, dynamic-localpv-provisioner, infinispan-operator, kube-arangodb, envoy-gateway, rancher-agent...
GHSA-PC3F-X583-G7J2 vulnerabilities
Vulnerabilities for packages: cloudnative-pg-fips, velero, consul-k8s-fips, headlamp-fips, argo-rollouts, headlamp, velero-fips, argocd-image-updater, rke2-runtime, k8s-driver-manager-fips, envoy-gateway, kubescape-server, eck-operator-fips, infinispan-operator, rancher-support-bundle-kit,...