'Fudousan Plugin' Series Security Vulnerabilities

CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2

CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2. A patched version of the package is...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, docker, restic, crossplane, k8sgpt, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, k9s, velero, nodetaint, rqlite, buildkitd, cluster-proportional-autoscaler, gh, gomplate, secrets-store-csi-driver-provider-gcp,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: cadvisor, docker, zot, skaffold, k3s, skopeo, kots, trivy, runc, zarf, k9s, k3d, ingress-nginx-controller, newrelic-infrastructure-agent, buildkitd, nvidia-device-plugin, telegraf, kubernetes, syft, kubescape, datadog-agent, ctop, nerdctl, kaniko, grype,...

GHSA-VVPX-J8F3-3W6H vulnerabilities

Vulnerabilities for packages: wireguard-go, k3d, hey, gke-gcloud-auth-plugin, restic, dynamic-localpv-provisioner, go, grpcurl,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: gitness, hey, nodetaint, rqlite, buildkitd, secrets-store-csi-driver-provider-gcp, cue, gomplate, gitlab-pages, kaf, pulumi-language-java, kubewatch, nvidia-device-plugin, oauth2-proxy, gitlab-shell, ip-masq-agent, terraform-provider-azurerm, src, envoy-ratelimit,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, docker, restic, crossplane, k8sgpt, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, k9s, velero, nodetaint, rqlite, buildkitd, cluster-proportional-autoscaler, gh, gomplate, secrets-store-csi-driver-provider-gcp,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: cadvisor, nri-elasticsearch, nri-mongodb, restic, kubeadm-controlplane-controller, esbuild, wazero, nri-kafka, kyverno-policy-reporter-ui, gcsfuse, oauth2-proxy, nfs-subdir-external-provisioner, terraform-provider-azurerm, src, kuberay-operator, kubevela,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, hey, harbor-registry, stern, crossplane, kubecolor, mods, k8sgpt, kubebuilder, capslock, confluent-common-docker, k9s, paranoia, secrets-store-csi-driver-provider-gcp, buildkitd, step-ca, cue, gomplate, kyverno-policy-reporter-ui, helm-push,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, hey, harbor-registry, stern, crossplane, kubecolor, mods, k8sgpt, kubebuilder, capslock, confluent-common-docker, k9s, paranoia, secrets-store-csi-driver-provider-gcp, buildkitd, step-ca, cue, gomplate, kyverno-policy-reporter-ui, helm-push,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: docker-cli, hey, kubernetes-dashboard-metrics-scraper, sbom-scorecard, nsc, kind, aws-flb-kinesis, gosu, render-template, docker-credential-ecr-login, grpcurl, sonobuoy, petname, k3d, gke-gcloud-auth-plugin, smarter-device-manager, goreleaser, go-md2man, helm-push,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: gitness, hey, k8sgpt, flux-image-automation-controller, nodetaint, rqlite, buildkitd, secrets-store-csi-driver-provider-gcp, cue, gomplate, gitlab-pages, kaf, pulumi-language-java, chartmuseum, kubewatch, nvidia-device-plugin, oauth2-proxy,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2022-41723 vulnerabilities

Vulnerabilities for packages: wireguard-go, k3d, hey, gke-gcloud-auth-plugin, restic, dynamic-localpv-provisioner, go, grpcurl,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: cadvisor, nri-elasticsearch, nri-mongodb, restic, kubeadm-controlplane-controller, esbuild, wazero, nri-kafka, kyverno-policy-reporter-ui, gcsfuse, oauth2-proxy, nfs-subdir-external-provisioner, terraform-provider-azurerm, src, kuberay-operator, kubevela,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, hey, harbor-registry, stern, crossplane, kubecolor, mods, k8sgpt, kubebuilder, capslock, confluent-common-docker, k9s, paranoia, secrets-store-csi-driver-provider-gcp, buildkitd, step-ca, cue, gomplate, kyverno-policy-reporter-ui, helm-push,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: gitness, hey, k8sgpt, flux-image-automation-controller, nodetaint, rqlite, buildkitd, secrets-store-csi-driver-provider-gcp, cue, gomplate, kubernetes-ingress-defaultbackend, gitlab-pages, kaf, pulumi-language-java, chartmuseum, kubewatch, nvidia-device-plugin,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: docker-cli, hey, kubernetes-dashboard-metrics-scraper, sbom-scorecard, nsc, kind, aws-flb-kinesis, gosu, render-template, docker-credential-ecr-login, grpcurl, sonobuoy, petname, k3d, gke-gcloud-auth-plugin, smarter-device-manager, goreleaser, go-md2man, helm-push,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: docker-cli, hey, kubernetes-dashboard-metrics-scraper, sbom-scorecard, nsc, kind, aws-flb-kinesis, gosu, render-template, docker-credential-ecr-login, grpcurl, sonobuoy, petname, k3d, gke-gcloud-auth-plugin, smarter-device-manager, goreleaser, go-md2man, helm-push,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: docker-cli, hey, kubernetes-dashboard-metrics-scraper, sbom-scorecard, nsc, kind, aws-flb-kinesis, gosu, render-template, docker-credential-ecr-login, grpcurl, sonobuoy, petname, k3d, gke-gcloud-auth-plugin, smarter-device-manager, goreleaser, go-md2man, helm-push,...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: gitness, hey, k8sgpt, flux-image-automation-controller, nodetaint, rqlite, buildkitd, secrets-store-csi-driver-provider-gcp, cue, gomplate, kubernetes-ingress-defaultbackend, gitlab-pages, kaf, pulumi-language-java, chartmuseum, kubewatch, nvidia-device-plugin,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: gitness, hey, k8sgpt, flux-image-automation-controller, nodetaint, rqlite, buildkitd, secrets-store-csi-driver-provider-gcp, cue, gomplate, gitlab-pages, kaf, pulumi-language-java, chartmuseum, kubewatch, nvidia-device-plugin, oauth2-proxy,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: gitness, hey, nodetaint, rqlite, buildkitd, secrets-store-csi-driver-provider-gcp, cue, gomplate, gitlab-pages, kaf, pulumi-language-java, kubewatch, nvidia-device-plugin, oauth2-proxy, gitlab-shell, ip-masq-agent, terraform-provider-azurerm, src, envoy-ratelimit,...

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: ko, argo-cd, kots, flux-source-controller, node-problem-detector, thanos, kubernetes-csi-external-attacher, dex, tctl, k3d, pulumi-language-dotnet, keda, buildkitd, flux-helm-controller, helm, pulumi-language-yaml, spark-operator, terraform,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

GHSA-XR7R-F8XQ-VFVV vulnerabilities

Vulnerabilities for packages: cadvisor, docker, zot, skaffold, k3s, skopeo, kots, trivy, runc, zarf, k9s, k3d, ingress-nginx-controller, newrelic-infrastructure-agent, buildkitd, nvidia-device-plugin, telegraf, kubernetes, syft, kubescape, datadog-agent, ctop, nerdctl, kaniko, grype,...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, hey, harbor-registry, stern, crossplane, kubecolor, mods, k8sgpt, kubebuilder, capslock, confluent-common-docker, k9s, paranoia, secrets-store-csi-driver-provider-gcp, buildkitd, step-ca, cue, gomplate, kyverno-policy-reporter-ui, helm-push,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2024-36070

tine before 2023.11.8, when an LDAP backend is used, allows anonymous remote attackers to obtain sensitive authentication information via setup.php because of getRegistryData in Setup/Frontend/Json.php. (An update is also available for the 2022.11...

CVE-2024-36070

tine before 2023.11.8, when an LDAP backend is used, allows anonymous remote attackers to obtain sensitive authentication information via setup.php because of getRegistryData in Setup/Frontend/Json.php. (An update is also available for the 2022.11...

CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

CVE-2024-35905 bpf: Protect against int overflow for stack access size

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: keda-fips, tekton-pipelines, kubernetes-csi-livenessprobe-fips, extism, aws-flb-kinesis-fips, azure-aad-pod-identity-mic, cert-manager-webhook-pdns-fips, dynamic-localpv-provisioner, spark-operator, bom, karpenter-fips, k8sgpt, rclone, neuvector-scanner, cue,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

GHSA-VVPX-J8F3-3W6H vulnerabilities

Vulnerabilities for packages: k3d, kube-state-metrics, dynamic-localpv-provisioner-fips, restic, py3-seldon-core, wireguard-go, falco, grpcurl, dynamic-localpv-provisioner, go, gke-gcloud-auth-plugin, hey, eks-distro-coredns, kyverno,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, cert-manager-fips, vault-k8s-fips, kots, kubernetes-dashboard, metacontroller, flux-kustomize-controller-0.37, flux-notification-controller, pulumi-language-yaml, bank-vaults-fips, gobuster, kubernetes-csi-external-resizer-fips,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, gatekeeper-fips, vault-k8s-fips, kots, metacontroller, flux-kustomize-controller-0.37, flux-notification-controller, pulumi-language-yaml, bank-vaults-fips, gobuster, kubernetes-csi-external-resizer-fips, fuse-overlayfs-snapshotter,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, tigera-operator, bank-vaults-fips, gobuster, aws-ebs-csi-driver, metrics-server, configmap-reload, kubernetes-csi-livenessprobe-fips, kubernetes-csi-node-driver-registrar-fips, gosu, gitlab-logger, nri-discovery-kubernetes, goreleaser,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, tekton-pipelines, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, docker, aws-flb-kinesis-fips, azure-aad-pod-identity-mic, dynamic-localpv-provisioner, cilium, goreleaser, spark-operator, k8sgpt,...

CVE-2022-41723 vulnerabilities

Vulnerabilities for packages: k3d, kube-state-metrics, dynamic-localpv-provisioner-fips, restic, py3-seldon-core, wireguard-go, falco, grpcurl, dynamic-localpv-provisioner, go, gke-gcloud-auth-plugin, hey, eks-distro-coredns, kyverno,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, tekton-pipelines, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, docker, aws-flb-kinesis-fips, azure-aad-pod-identity-mic, dynamic-localpv-provisioner, cilium, goreleaser, spark-operator, k8sgpt,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...