Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
MAL-2026-2230
  • VSCode:https://open-vsx.org/aquasecurityofficial.trivy-vulnerability-scanner
 Malicious code in aquasecurityofficial.trivy-vulnerability-scanner (VSCode:https://open-vsx.org) 26 Mar
  • No fix available
CGA-mhf2-24x8-jgh8
  • Chainguard/addon-resizer
  • Chainguard/addon-resizer-fips
  • Chainguard/amazon-ecs-agent
  • Chainguard/amazon-ecs-agent-fips
  • Chainguard/amazon-k8s-cni-init-fips-compat
  • ... 646 more
 See record for full details 10 Feb
  • Fix available
CGA-676m-cmwh-7rgc
  • Chainguard/addon-resizer
  • Chainguard/addon-resizer-fips
  • Chainguard/amazon-ecs-agent
  • Chainguard/amazon-ecs-agent-fips
  • Chainguard/amazon-k8s-cni-init-fips-compat
  • ... 646 more
 See record for full details 10 Feb
  • Fix available
CGA-767v-h7fp-9hf6
  • Chainguard/addon-resizer
  • Chainguard/addon-resizer-compat
  • Chainguard/apm-server-fips-7.17
  • Chainguard/apm-server-fips-7.17-compat
  • Chainguard/azuredisk-csi-fips-1.28
  • ... 304 more
 See record for full details 11 Jan
  • Fix available
MAL-2025-48770
  • npm/vulnerability-test
 Malicious code in vulnerability-test (npm) 26 Oct 2025
  • No fix available
MAL-2024-7758
  • npm/transitive-vulnerability-demo
 Malicious code in transitive-vulnerability-demo (npm) 15 Jul 2024
  • No fix available
GHSA-ph87-4x2g-6hp4
  • Maven/io.jenkins.plugins:neuvector-vulnerability-scanner
 Jenkins NeuVector Vulnerability Scanner Plugin missing permission check 29 Nov 2023
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-wpfc-r5qq-7r7p
  • Maven/io.jenkins.plugins:neuvector-vulnerability-scanner
 Jenkins NeuVector Vulnerability Scanner Plugin Cross-Site Request Forgery vulnerability 29 Nov 2023
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-r3mm-v4x7-2phm
  • Maven/io.jenkins.plugins:neuvector-vulnerability-scanner
 Jenkins NeuVector Vulnerability Scanner Plugin disables SSL/TLS certificate and hostname validation 12 Apr 2023
  • No fix available
  • Severity - 5.9 (Medium)
GHSA-wmfh-h3vm-rcxm
  • Maven/io.jenkins.plugins:neuvector-vulnerability-scanner
 Content-Security-Policy protection for user content disabled by Jenkins NeuVector Vulnerability Scanner Plugin 19 Oct 2022
  • Fix available
  • Severity - 8.0 (High)
GHSA-3fpx-g9h3-hh8x
  • Maven/io.jenkins.plugins:neuvector-vulnerability-scanner
 Jenkins NeuVector Vulnerability Scanner Plugin stored credentials in plain text 24 May 2022
  • Fix available
  • Severity - 5.5 (Medium)