15 matches found
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: gostatsd, kyverno-notation-aws, argo-workflows, dapr, nri-nginx, bom, victoriametrics-cluster, vale, nfs-subdir-external-provisioner, kubernetes-csi-node-driver-registrar, syft, mariadb-operator, ytt, cloudnative-pg, nri-apache, k8ssandra-client, argo-events,...
CLEANSTART-2026-MQ21261 Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142 applied in versions: 1.5.1-r0, 1.5.1-r1, 1.5.1-r2, 1.5.1-r3
Multiple security vulnerabilities affect the vertical-pod-autoscaler package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-8FJ7-8H3W-XWFM vulnerabilities
Vulnerabilities for packages: vertical-pod-autoscaler, descheduler, crossplane-provider-aws-iam, kube-rbac-proxy, crossplane-provider-aws-route53, terraform-provider-acme, cloud-sql-proxy, dex, crossplane-provider-aws-cloudformation, crossplane-provider-aws-rds, grafana-mimir, gitlab-runner,...
CVE-2026-27141 vulnerabilities
Vulnerabilities for packages: vertical-pod-autoscaler, descheduler, crossplane-provider-aws-iam, kube-rbac-proxy, crossplane-provider-aws-route53, terraform-provider-acme, cloud-sql-proxy, dex, crossplane-provider-aws-cloudformation, crossplane-provider-aws-rds, grafana-mimir, gitlab-runner,...
CVE-2026-27141 vulnerabilities
Vulnerabilities for packages: wolfictl, opentelemetry-collector-contrib, fleet-server, crossplane-provider-aws-efs, crossplane-provider-aws-servicediscovery, omnictl-multiarch-fips, opentelemetry-collector-fips, flux-fips, tigera-operator, linkerd2, telegraf, kube-vip-fips,...
GHSA-8FJ7-8H3W-XWFM vulnerabilities
Vulnerabilities for packages: wolfictl, opentelemetry-collector-contrib, fleet-server, crossplane-provider-aws-efs, crossplane-provider-aws-servicediscovery, omnictl-multiarch-fips, opentelemetry-collector-fips, flux-fips, tigera-operator, linkerd2, telegraf, kube-vip-fips,...
CVE-2025-61732 vulnerabilities
Vulnerabilities for packages: gostatsd, grype, kyverno-notation-aws, argo-workflows, crossplane-provider-aws-route53, k8sgpt, dapr, bom, victoriametrics-cluster, nfs-subdir-external-provisioner, kubernetes-csi-node-driver-registrar, syft, mariadb-operator, ytt, overmind, go-bindata, nri-apache,...
GHSA-H355-32PF-P2XM vulnerabilities
Vulnerabilities for packages: gostatsd, grype, kyverno-notation-aws, argo-workflows, crossplane-provider-aws-route53, k8sgpt, dapr, bom, victoriametrics-cluster, nfs-subdir-external-provisioner, kubernetes-csi-node-driver-registrar, syft, mariadb-operator, ytt, nri-apache, k8ssandra-client,...
CVE-2025-68121 vulnerabilities
Vulnerabilities for packages: gostatsd, grype, kyverno-notation-aws, argo-workflows, crossplane-provider-aws-route53, k8sgpt, dapr, bom, victoriametrics-cluster, nfs-subdir-external-provisioner, kubernetes-csi-node-driver-registrar, syft, mariadb-operator, ytt, nri-apache, k8ssandra-client,...
GHSA-8JVR-VH7G-F8GX vulnerabilities
Vulnerabilities for packages: kubeflow, kaf, mockgen, kubernetes, regclient, consul, k8s-metacollector-fips, gatus-fips, grafana-image-renderer, velero-plugin-for-aws-fips, cluster-proportional-autoscaler, xeol, cilium-certgen, kserve-rest-proxy, step-fips, task-fips, wait-for-port,...
CVE-2025-68121 vulnerabilities
Vulnerabilities for packages: kubeflow, kaf, regclient, kubernetes, consul, k8s-metacollector-fips, gatus-fips, grafana-image-renderer, cluster-proportional-autoscaler, xeol, cilium-certgen, kserve-rest-proxy, step-fips, task-fips, helm-operator-fips, kafkaexporter, kubeflow-fips,...
CVE-2025-61732 vulnerabilities
Vulnerabilities for packages: kubeflow, kaf, mockgen, kubernetes, regclient, consul, k8s-metacollector-fips, gatus-fips, grafana-image-renderer, velero-plugin-for-aws-fips, cluster-proportional-autoscaler, xeol, cilium-certgen, kserve-rest-proxy, step-fips, task-fips, wait-for-port,...
CLEANSTART-2026-UM63521 Within HostnameError
Multiple security vulnerabilities affect the vertical-pod-autoscaler-fips package. Within HostnameError. See references for individual vulnerability details...
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: kubeflow, kaf, kubernetes, slsa-verifier, kaniko, cluster-proportional-autoscaler, helm-operator-fips, kubeflow-fips, grpc-health-probe, nfs-subdir-external-provisioner, crossplane-provider-aws-kinesis, ctop, cosign-fips, prometheus-postgres-exporter, eksctl, trillia...
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: crossplane-provider-azure, kaf, flux-notification-controller, kubeflow, runc, slsa-verifier, buildkitd, prometheus-blackbox-exporter, terraform-provider-sendgrid-fips, prometheus-operator, smarter-device-manager-fips, dynamic-localpv-provisioner-fips, kubeflow-fips,...