OSV - Open Source Vulnerabilities

CLEANSTART-2026-PK19530

CleanStart/druid-exporter-fips

Security fixes for CVE-2022-29526, CVE-2025-47907, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68121, CVE-2026-24515, CVE-2026-25210, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-4f99-4q7p-p3gh applied in versions: 0.10-r0, 0.11-r0, 0.11-r2, 0.11-r3, 0.11-r4, 0.11-r5, 0.11-r6

18 May

Fix available

CLEANSTART-2026-OH43332

CleanStart/druid-exporter-fips

Security fixes for CVE-2022-29526, CVE-2025-47907, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68121, CVE-2026-24515, CVE-2026-25210, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-4f99-4q7p-p3gh applied in versions: 0.10-r0, 0.10-r1, 0.10-r2, 0.10-r3, 0.10-r4, 0.10-r5, 0.11-r0

18 May

Fix available

CLEANSTART-2026-HZ73294

CleanStart/kube-fluentd-operator

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service

09 Apr

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-SQ68600

CleanStart/kube-fluentd-operator

Security fixes for CVE-2023-45288, CVE-2024-24786, CVE-2024-45338, CVE-2025-22868, CVE-2025-22869, CVE-2025-22872, CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58190, CVE-2025-65637, ghsa-4f99-4q7p-p3gh, ghsa-4v7x-pqxf-cx7m, ghsa-6v2p-p543-phr9, ghsa-8r3f-844c-mc37, ghsa-f6x5-jh6r-wrfv, ghsa-hcg3-q754-cr77, ghsa-j5w8-q4qc-rx2x, ghsa-qxp5-gwg8-xv66, ghsa-v778-237x-gjrc, ghsa-vvgc-356p-c3xw applied in versions: 1.18.2-r0

06 Apr

Fix available

CLEANSTART-2026-NV78596

CleanStart/druid-exporter-fips

01 Apr

Fix available

MINI-3q7x-p8pc-v6vc

MinimOS/aws-flb-firehose
MinimOS/aws-flb-firehose-compat

See record for full details

04 Mar

Fix available

CLEANSTART-2026-TK38210

CleanStart/druid-exporter-fips

Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate

30 Jan

Fix available
Severity - 9.8 (Critical)

CLEANSTART-2026-LZ10721

CleanStart/druid-exporter-fips

Within HostnameError

30 Jan

Fix available
Severity - 9.8 (Critical)

GO-2025-4188

Go/github.com/sirupsen/logrus

Logrus is vulnerable to DoS when using Entry.writerScanner in github.com/sirupsen/logrus

15 Dec 2025

Fix available

MINI-h72p-r7x8-qhp5

MinimOS/kubernetes-event-exporter
MinimOS/kubernetes-event-exporter-advanced-compat

See record for full details

09 Dec 2025

No fix available

MINI-8cv7-jqv7-cmmj

MinimOS/aws-flb-cloudwatch
MinimOS/aws-flb-cloudwatch-compat

See record for full details

09 Dec 2025

Fix available

MINI-9gfm-wq55-9v29

MinimOS/aws-flb-kinesis
MinimOS/aws-flb-kinesis-compat

See record for full details

07 Dec 2025

Fix available

MINI-g7hh-5p2g-2hvr

MinimOS/kubernetes-event-exporter-fips

See record for full details

07 Dec 2025

Fix available

MINI-fg7j-v7m6-4m79

MinimOS/cadvisor
MinimOS/cadvisor-compat

See record for full details

06 Dec 2025

Fix available

GHSA-4f99-4q7p-p3gh

Go/github.com/sirupsen/logrus

Logrus is vulnerable to DoS when using Entry.Writer()

04 Dec 2025

Fix available
Severity - 8.7 (High)

CVE-2025-65637

github.com/sirupsen/logrus

See record for full details

04 Dec 2025

Fix available
Severity - 7.5 (High)