14 matches found
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: knative-operator, kyverno-policy-reporter-kyverno-plugin, kine, docker-credential-gcr, nuclei, argo-cd, spire-controller-manager, dkron, witness, gcsfuse, dbmate, buildah, gitaly, rclone, fuse-overlayfs-snapshotter, knative-client, tetragon, kubeflow-katib,...
CVE-2025-15558 vulnerabilities
Vulnerabilities for packages: nerdctl, zot, kyverno, witness, flux-kustomize-controller, kubeflow-katib, kyverno-notation-aws, gh, flux-notification-controller, k3d, rke2-cloud-provider, aactl, argo-workflows, traefik, dagdotdev, trivy-operator, kargo, spire-server, rancher-fleet, ko, vcluster,...
GHSA-P436-GJF2-799P vulnerabilities
Vulnerabilities for packages: nerdctl, zot, kyverno, witness, flux-kustomize-controller, kubeflow-katib, kyverno-notation-aws, gh, flux-notification-controller, k3d, rke2-cloud-provider, aactl, argo-workflows, traefik, dagdotdev, trivy-operator, kargo, spire-server, rancher-fleet, ko, vcluster,...
CVE-2025-15558 vulnerabilities
Vulnerabilities for packages: trivy-operator-fips, paranoia, guac, falcoctl-fips, tekton-pipelines, knative-serving, flux-kustomize-controller, kubescape-operator-fips, nerdctl, trivy, flux-kustomize-controller-fips, rke2-cloud-provider, flux-notification-controller-fips, kargo, tekton-chains-fip...
GHSA-P436-GJF2-799P vulnerabilities
Vulnerabilities for packages: trivy-operator-fips, paranoia, guac, falcoctl-fips, tekton-pipelines, knative-serving, flux-kustomize-controller, kubescape-operator-fips, nerdctl, trivy, flux-kustomize-controller-fips, rke2-cloud-provider, flux-notification-controller-fips, kargo, tekton-chains-fip...
Security update for vexctl
This update for vexctl fixes the following issues: Update to version 0.4.1+git78.f951e3a: CVE-2025-22868: Unexpected memory consumption during token parsing in golang.org/x/oauth2. bsc1239186 CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in...
SUSE-SU-2026:0592-1 Security update for vexctl
This update for vexctl fixes the following issues: - Update to version 0.4.1+git78.f951e3a: - CVE-2025-22868: Unexpected memory consumption during token parsing in golang.org/x/oauth2. bsc1239186 - CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in...
OPENSUSE-SU-2026:10230-1 vexctl-0.4.1+git78.f951e3a-1.1 on GA media
These are all security issues fixed in the vexctl-0.4.1+git78.f951e3a-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2025-47906 vulnerabilities
Vulnerabilities for packages: vault-k8s, shfmt, mongodb-kubernetes-operator, terraform-provider-time, octo-sts, k8sgpt-operator, vault-benchmark, lvm-driver, confluent-common-docker, sftpgo-plugin-geoipfilter, dagdotdev, git-lfs, docker-credential-ecr-login, local-path-provisioner, ctop, vexctl,...
GHSA-GWRF-JF3H-W649 vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver-fips, nats, yace-fips, terraform-provider-tls-fips, git-lfs, knative-serving, custom-pod-autoscaler-operator, k8sgpt-operator, cluster-api, docker-credential-ecr-login, azurefile-csi-fips, kube-logging-operator-custom-runner-fip...
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: go-licenses, kine, kustomize, docker-credential-gcr, kyverno-policy-reporter-kyverno-plugin, nuclei, skaffold, go-md2man, gcsfuse, dockerize, hey, fuse-overlayfs-snapshotter, kubeflow-katib, newrelic-prometheus-configurator, buildkitd, kube-bench, pulumi, nri-mssql,...
CVE-2024-21664 vulnerabilities
Vulnerabilities for packages: tekton-chains, spire-server, mc, kubescape, vexctl, minio, gitsign, falco, boring-registry, falcoctl...
CVE-2023-49290 vulnerabilities
Vulnerabilities for packages: tekton-chains, kubescape, vexctl, gitsign, falco, falcoctl...
CVE-2023-49290 vulnerabilities
Vulnerabilities for packages: falcoctl, falco, gitsign, tekton-chains, falcoctl-fips, kubescape, cosign-fips, vexctl...