14 matches found
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: goreleaser, grafana-agent-operator, kserve-rest-proxy, kubernetes-csi-driver-hostpath, knative-client, newrelic-infrastructure-agent, mc, rclone, helm-mapkubeapis, hubble-ui, tailscale, vault-benchmark, golangci-lint, k8ssandra-client, kubescape, spqr, gitaly,...
CVE-2025-15558 vulnerabilities
Vulnerabilities for packages: ko, scorecard, bento, harbor-scanner-trivy, slsa-verifier, kubescape-operator, gitsign, gh, istio, k3d, kubeflow-katib, zot, dive, argo-workflows, kwok, policy-controller, xeol, openbao, traefik, cosign, witness, rancher-system-agent, rke2-cloud-provider, dagdotdev,...
GHSA-P436-GJF2-799P vulnerabilities
Vulnerabilities for packages: ko, scorecard, bento, harbor-scanner-trivy, slsa-verifier, kubescape-operator, gitsign, gh, istio, k3d, kubeflow-katib, zot, dive, argo-workflows, kwok, policy-controller, xeol, openbao, traefik, cosign, witness, rancher-system-agent, rke2-cloud-provider, dagdotdev,...
CVE-2025-15558 vulnerabilities
Vulnerabilities for packages: rke2-cloud-provider-fips, harbor-scanner-trivy, kbld-fips, k9s, kyverno-policy-reporter-plugins-kyverno-fips, flux-helm-controller, aactl, flux-notification-controller, kubeflow-katib, harbor, ory-kratos-fips, vexctl, harbor-scanner-trivy-fips, vitess, dive,...
GHSA-P436-GJF2-799P vulnerabilities
Vulnerabilities for packages: rke2-cloud-provider-fips, harbor-scanner-trivy, kbld-fips, k9s, kyverno-policy-reporter-plugins-kyverno-fips, flux-helm-controller, aactl, flux-notification-controller, kubeflow-katib, harbor, ory-kratos-fips, vexctl, harbor-scanner-trivy-fips, vitess, dive,...
Security update for vexctl
This update for vexctl fixes the following issues: Update to version 0.4.1+git78.f951e3a: CVE-2025-22868: Unexpected memory consumption during token parsing in golang.org/x/oauth2. bsc1239186 CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in...
SUSE-SU-2026:0592-1 Security update for vexctl
This update for vexctl fixes the following issues: - Update to version 0.4.1+git78.f951e3a: - CVE-2025-22868: Unexpected memory consumption during token parsing in golang.org/x/oauth2. bsc1239186 - CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in...
OPENSUSE-SU-2026:10230-1 vexctl-0.4.1+git78.f951e3a-1.1 on GA media
These are all security issues fixed in the vexctl-0.4.1+git78.f951e3a-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2025-47906 vulnerabilities
Vulnerabilities for packages: kserve-rest-proxy, gostatsd, custom-pod-autoscaler-operator, k8sgpt-operator, terraform-provider-time, git-lfs, shfmt, secrets-store-csi-driver-provider-aws, gitsign, vault-benchmark, local-path-provisioner, confluent-common-docker, addon-resizer, lvm-driver,...
GHSA-GWRF-JF3H-W649 vulnerabilities
Vulnerabilities for packages: newrelic-fluent-bit-output, consul-fips, prometheus-adapter, php-fpmexporter, nvidia-nsight-compute-12.8, linkerd2-proxy-init, wazero-fips, falco, pvc-autoresizer, rancher-machine, gitlab-runner, nvidia-nsight-compute-13.0, vexctl, apm-server-fips, lvm-driver,...
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: kor, goreleaser, newrelic-infrastructure-agent, fq, govulncheck, configmap-reload, dockerize, shfmt, hubble-ui, litefs, tailscale, golangci-lint, rqlite, pulumi-kubernetes-operator, vite, mongo-tools, kubevela, argo-workflows, aws-flb-cloudwatch,...
CVE-2024-21664 vulnerabilities
Vulnerabilities for packages: boring-registry, falco, vexctl, mc, external-secrets-operator, gitsign, minio, kubescape, tekton-chains, spire-server, falcoctl...
CVE-2023-49290 vulnerabilities
Vulnerabilities for packages: cosign-fips, falco, vexctl, kubescape, gitsign, tekton-chains, falcoctl, falcoctl-fips...
CVE-2023-49290 vulnerabilities
Vulnerabilities for packages: falco, vexctl, gitsign, kubescape, tekton-chains, falcoctl...