Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
RHSA-2026:34365
  • Red Hat:satellite:6.19::el9/candlepin
  • Red Hat:satellite:6.19::el9/candlepin-selinux
  • Red Hat:satellite:6.19::el9/foreman
  • Red Hat:satellite:6.19::el9/foreman-cli
  • Red Hat:satellite:6.19::el9/foreman-debug
  • ... 27 more
Red Hat Security Advisory: Satellite 6.19.2 Async Update 5 days ago
  • Fix available
  • Severity - 8.8 (High)
RHSA-2026:28047
  • Red Hat:openstack:17.1::el9/etcd
  • Red Hat:openstack:17.1::el9/etcd-debuginfo
  • Red Hat:openstack:17.1::el9/etcd-debugsource
Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (etcd) security update 23 Jun
  • Fix available
  • Severity - 9.1 (Critical)
CLEANSTART-2026-BM78291
  • CleanStart/dex
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU 11 Jun
  • Fix available
  • Severity - 9.8 (Critical)
CLEANSTART-2026-SQ76279
  • CleanStart/dex
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU 11 Jun
  • Fix available
  • Severity - 9.8 (Critical)
CLEANSTART-2026-XC13942
  • CleanStart/mountpoint-s3-csi-driver
Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service 11 Jun
  • Fix available
  • Severity - 9.8 (Critical)
CLEANSTART-2026-VN16911
  • CleanStart/wave
ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label 10 Jun
  • Fix available
  • Severity - 9.8 (Critical)
CLEANSTART-2026-GZ11549
  • CleanStart/certificate-transparency-trillian-ctserver
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations 10 Jun
  • Fix available
  • Severity - 9.8 (Critical)
CLEANSTART-2026-EU52554
  • CleanStart/gostatsd
In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files 10 Jun
  • Fix available
  • Severity - 9.8 (Critical)
CLEANSTART-2026-RF77222
  • CleanStart/wave
ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label 10 Jun
  • Fix available
  • Severity - 9.8 (Critical)
CLEANSTART-2026-LA96053
  • CleanStart/wave
ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label 10 Jun
  • Fix available
  • Severity - 9.8 (Critical)
CLEANSTART-2026-EM89202
  • CleanStart/cass-operator
OpenTelemetry-Go is the Go implementation of OpenTelemetry 10 Jun
  • Fix available
  • Severity - 9.8 (Critical)
CLEANSTART-2026-VX15911
  • CleanStart/kube-state-metrics
Security fixes for CVE-2023-45288, CVE-2023-48795, CVE-2024-24786, CVE-2024-45337, CVE-2024-45338, CVE-2025-22868, CVE-2025-22869, CVE-2025-22870, CVE-2025-22872, CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58190, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27140, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42506, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598 applied in versions: 2.10.1-r0, 2.10.1-r1, 2.10.1-r2 08 Jun
  • Fix available
CLEANSTART-2026-YG71543
  • CleanStart/vault
Security fixes for CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-32952, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-33816, CVE-2026-34040, CVE-2026-34986, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-39883, CVE-2026-41602, CVE-2026-41889, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42506, CVE-2026-42508, CVE-2026-44503, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-7j59-v9qr-6fq9, ghsa-j88v-2chj-qfwx, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj, ghsa-wf45-q9ch-q8gh, ghsa-xmrv-pmrh-hhx2 applied in versions: 1.21.4-r0, 1.21.4-r1, 1.21.4-r2, 1.21.4-r3, 1.21.4-r4, 1.21.4-r5 08 Jun
  • Fix available
CLEANSTART-2026-PD78752
  • CleanStart/grafana-alloy
Security fixes for CVE-2025-11579, CVE-2026-21726, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32281, CVE-2026-32283, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-33810, CVE-2026-33997, CVE-2026-34040, CVE-2026-34165, CVE-2026-34986, CVE-2026-39821, CVE-2026-39882, CVE-2026-39883, CVE-2026-41506, CVE-2026-41602, CVE-2026-45022, ghsa-37cx-329c-33x3, ghsa-3xc5-wrhm-f963, ghsa-497x-rrr9-68jp, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr, ghsa-w5pp-99ch-qj29, ghsa-w8rr-5gcm-pp58, ghsa-wf45-q9ch-q8gh, ghsa-xmrv-pmrh-hhx2 applied in versions: 1.13.2-r0, 1.14.1-r0, 1.14.2-r0, 1.14.2-r1, 1.15.1-r1, 1.16.0-r0, 1.16.1-r0 08 Jun
  • Fix available
CLEANSTART-2026-XV65906
  • CleanStart/kube-state-metrics
Security fixes for CVE-2023-45288, CVE-2023-48795, CVE-2024-24786, CVE-2024-45337, CVE-2024-45338, CVE-2025-22868, CVE-2025-22869, CVE-2025-22870, CVE-2025-22872, CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58190, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27140, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42506, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598 applied in versions: 2.10.1-r0, 2.10.1-r1, 2.10.1-r2 08 Jun
  • Fix available
CLEANSTART-2026-JI51299
  • CleanStart/percona-xtradb-cluster-operator-fips
Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61731, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25518, CVE-2026-25679, CVE-2026-25680, CVE-2026-25681, CVE-2026-26958, CVE-2026-27136, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-33810, CVE-2026-35469, CVE-2026-39821, CVE-2026-42502, CVE-2026-42506, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-pc3f-x583-g7j2 applied in versions: 1.18.0-r0, 1.18.0-r1, 1.18.0-r2, 1.18.0-r3, 1.18.0-r4, 1.18.0-r5 08 Jun
  • Fix available