OSV - Open Source Vulnerabilities

CLEANSTART-2026-KC83705

CleanStart/tempo

During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions

5 days ago

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-FB07695

CleanStart/velero-fips

When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint

5 days ago

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-BZ28794

CleanStart/aws-load-balancer-controller

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service

5 days ago

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-MP87020

CleanStart/karpenter

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources

5 days ago

Fix available
Severity - 9.8 (Critical)

SUSE-SU-2026:1321-1

SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS/go1.25
SUSE:Linux Enterprise High Performance Computing 15 SP4-LTSS/go1.25
SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS/go1.25
SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS/go1.25
SUSE:Linux Enterprise Module for Development Tools 15 SP7/go1.25
... 6 more

Security update for go1.25

5 days ago

Fix available

SUSE-SU-2026:1320-1

SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS/go1.26
SUSE:Linux Enterprise High Performance Computing 15 SP4-LTSS/go1.26
SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS/go1.26
SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS/go1.26
SUSE:Linux Enterprise Module for Development Tools 15 SP7/go1.26
... 6 more

Security update for go1.26

5 days ago

Fix available

CLEANSTART-2026-FH63386

CleanStart/sealed-secrets

When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint

6 days ago

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-LK73694

CleanStart/sealed-secrets

During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions

6 days ago

Fix available
Severity - 9.8 (Critical)

MINI-m7fq-j845-q3pf

MinimOS/buildpacks-lifecycle-fips-0.20

See record for full details

6 days ago

Fix available

MINI-gr9h-34h9-36w9

MinimOS/eks-kube-apiserver-1.32
MinimOS/eks-kube-apiserver-1.32-compat
MinimOS/eks-kube-controller-manager-1.32
MinimOS/eks-kube-controller-manager-1.32-compat
MinimOS/eks-kube-proxy-1.32
... 8 more

See record for full details

6 days ago

Fix available

MINI-gp3v-j4p6-46vm

MinimOS/livekit-sip-fips

See record for full details

6 days ago

Fix available

MINI-67x7-hv7x-rpqv

MinimOS/kubernetes-event-exporter
MinimOS/kubernetes-event-exporter-advanced-compat

See record for full details

6 days ago

Fix available

MINI-3f8x-qmrq-3q7g

MinimOS/kubernetes-dashboard-metrics-scraper
MinimOS/kubernetes-dashboard-metrics-scraper-compat

See record for full details

6 days ago

Fix available

BIT-golang-2026-32280

Bitnami/golang

Unexpected work during chain building in crypto/x509

6 days ago

Fix available
Severity - 7.5 (High)

MINI-gw7g-5gpp-r98w

MinimOS/eks-kube-apiserver-1.31
MinimOS/eks-kube-apiserver-1.31-compat
MinimOS/eks-kube-controller-manager-1.31
MinimOS/eks-kube-controller-manager-1.31-compat
MinimOS/eks-kube-proxy-1.31
... 8 more

See record for full details

13 Apr

Fix available

MINI-8jm3-jg7v-f655

MinimOS/teleport-16

See record for full details

13 Apr

Fix available