CVE-2026-41178 vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws-ecs, crossplane-provider-azure-relay, drone-fips, cadvisor-fips, dapr, helmfile, kyverno, neuvector, percona-backup-mongodb-fips, tetragon, crossplane-provider-azure-authorization, eck-operator-fips, databricks-cli-fips, datadog-agent-fips,...

GHSA-5WRP-CWCJ-Q835 vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws-ecs, crossplane-provider-azure-relay, drone-fips, cadvisor-fips, dapr, helmfile, kyverno, neuvector, percona-backup-mongodb-fips, tetragon, crossplane-provider-azure-authorization, eck-operator-fips, databricks-cli-fips, datadog-agent-fips,...

CLEANSTART-2026-WL14185 spdystream is a Go library for multiplexing streams over SPDY connections

Multiple security vulnerabilities affect the velero-fips package. spdystream is a Go library for multiplexing streams over SPDY connections. See references for individual vulnerability details...

CLEANSTART-2026-VN02574 spdystream is a Go library for multiplexing streams over SPDY connections

Multiple security vulnerabilities affect the velero-fips package. spdystream is a Go library for multiplexing streams over SPDY connections. See references for individual vulnerability details...

CLEANSTART-2026-FB07695 When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint

Multiple security vulnerabilities affect the velero-fips package. When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. See references for individual vulnerability...

GHSA-78H2-9FRX-2JM8 vulnerabilities

Vulnerabilities for packages: dapr, rekor-fips, kyverno, cilium, thanos, juicefs, cloudprober-fips, spire-server-fips, kyverno-policy-reporter-plugins-kyverno-fips, prometheus-mongodb-exporter, frankenphp-8.5, seaweedfs-rocksdb-fips, rook, cerbos, cg, k9s-fips, spiffe-helper-fips, datadog-agent,...

CLEANSTART-2026-LS12576 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.16.2-r2, 1.17.2-r0, 1.17.2-r1, 1.18.0-r0

Multiple security vulnerabilities affect the velero-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-DI05920 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the velero-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-FZ95989 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the velero-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-LA33013 Within HostnameError

Multiple security vulnerabilities affect the velero-fips package. Within HostnameError. See references for individual vulnerability details...

CLEANSTART-2025-OB44035 Security fixes for CVE-2025-61729, GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 1.16.2-r2

Multiple security vulnerabilities affect the velero-fips package. These issues are resolved in later releases. See references for individual CVE and GHSA details...