Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-32282 (GCVE-0-2026-32282)
Vulnerability from cvelistv5 – Published: 2026-04-08 01:06 – Updated: 2026-04-13 18:20- CWE-61 - UNIX Symbolic Link (Symlink) Following
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | internal/syscall/unix |
Affected:
0 , < 1.25.9
(semver)
Affected: 1.26.0-0 , < 1.26.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-32282",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-13T17:47:42.666766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T18:20:56.456Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "internal/syscall/unix",
"platforms": [
"linux"
],
"product": "internal/syscall/unix",
"programRoutines": [
{
"name": "Fchmodat"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.25.9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.26.2",
"status": "affected",
"version": "1.26.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Uuganbayar Lkhamsuren (https://github.com/uug4na)"
}
],
"descriptions": [
{
"lang": "en",
"value": "On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T01:06:55.953Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/763761"
},
{
"url": "https://go.dev/issue/78293"
},
{
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"title": "TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-32282",
"datePublished": "2026-04-08T01:06:55.953Z",
"dateReserved": "2026-03-11T16:38:46.556Z",
"dateUpdated": "2026-04-13T18:20:56.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-32282",
"date": "2026-07-03",
"epss": "0.00292",
"percentile": "0.2091"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-32282\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-04-08T02:16:03.467\",\"lastModified\":\"2026-06-17T10:35:29.120\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"Go standard library\",\"product\":\"internal/syscall/unix\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"internal/syscall/unix\",\"platforms\":[\"linux\"],\"programRoutines\":[{\"name\":\"Fchmodat\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.25.9\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.26.0-0\",\"lessThan\":\"1.26.2\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.5,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.5,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-04-13T17:47:42.666766Z\",\"id\":\"CVE-2026-32282\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-59\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.25.9\",\"matchCriteriaId\":\"C6C9C072-9817-402D-877F-F83584B07017\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.26.0\",\"versionEndExcluding\":\"1.26.2\",\"matchCriteriaId\":\"39FE9BAF-55E9-43AA-B14E-239E7EF1D65D\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/763761\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/78293\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-4864\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-32282\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-13T17:47:42.666766Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-13T17:47:38.773Z\"}}], \"cna\": {\"title\": \"TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix\", \"credits\": [{\"lang\": \"en\", \"value\": \"Uuganbayar Lkhamsuren (https://github.com/uug4na)\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"internal/syscall/unix\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.25.9\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.26.0-0\", \"lessThan\": \"1.26.2\", \"versionType\": \"semver\"}], \"platforms\": [\"linux\"], \"packageName\": \"internal/syscall/unix\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Fchmodat\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/763761\"}, {\"url\": \"https://go.dev/issue/78293\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-4864\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-61: UNIX Symbolic Link (Symlink) Following\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-04-08T01:06:55.953Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-32282\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-13T18:20:56.456Z\", \"dateReserved\": \"2026-03-11T16:38:46.556Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-04-08T01:06:55.953Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
cleanstart-2026-gy76045
Vulnerability from cleanstart
Multiple security vulnerabilities affect the aws-privateca-issuer package. These issues are resolved in later releases. See references for individual vulnerability details.
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "aws-privateca-issuer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the aws-privateca-issuer package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GY76045",
"modified": "2026-05-18T05:18:57Z",
"published": "2026-05-18T12:56:10.842605Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GY76045.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27143"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27144"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33811"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33814"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39817"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39819"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39820"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39823"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39825"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39826"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39836"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42499"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42501"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39817"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39819"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39823"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39825"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39826"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39836"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42501"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 1.7.0-r0",
"upstream": [
"CVE-2025-47911",
"CVE-2025-58190",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-27143",
"CVE-2026-27144",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33811",
"CVE-2026-33814",
"CVE-2026-39817",
"CVE-2026-39819",
"CVE-2026-39820",
"CVE-2026-39823",
"CVE-2026-39825",
"CVE-2026-39826",
"CVE-2026-39836",
"CVE-2026-42499",
"CVE-2026-42501"
]
}
cleanstart-2026-gz11549
Vulnerability from cleanstart
Multiple security vulnerabilities affect the certificate-transparency-trillian-ctserver package. Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations. See references for individual vulnerability details.
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "certificate-transparency-trillian-ctserver"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.3.2-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the certificate-transparency-trillian-ctserver package. Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GZ11549",
"modified": "2026-06-09T07:26:31Z",
"published": "2026-06-10T01:03:54.943567Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GZ11549.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61731"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27140"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27143"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27144"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-29181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32288"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33811"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33814"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33816"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39817"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39819"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39820"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39823"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39825"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39826"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39836"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-40179"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41889"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42151"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42154"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42499"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42501"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44903"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9jj7-4m8r-rfcm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw8g-cg8f-9j28"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j88v-2chj-qfwx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh2q-q3fh-2475"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vffh-x6r8-xx99"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wg65-39gg-5wfj"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61731"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27140"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32288"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39817"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39819"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39823"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39825"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39826"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39836"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40179"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41889"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42501"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44903"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61728",
"CVE-2025-61730",
"CVE-2025-61731",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27139",
"CVE-2026-27140",
"CVE-2026-27142",
"CVE-2026-27143",
"CVE-2026-27144",
"CVE-2026-29181",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32288",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-33811",
"CVE-2026-33814",
"CVE-2026-33816",
"CVE-2026-39817",
"CVE-2026-39819",
"CVE-2026-39820",
"CVE-2026-39823",
"CVE-2026-39825",
"CVE-2026-39826",
"CVE-2026-39836",
"CVE-2026-40179",
"CVE-2026-41889",
"CVE-2026-42151",
"CVE-2026-42154",
"CVE-2026-42499",
"CVE-2026-42501",
"CVE-2026-44903",
"ghsa-9jj7-4m8r-rfcm",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-fw7p-63qq-7hpr",
"ghsa-fw8g-cg8f-9j28",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-j88v-2chj-qfwx",
"ghsa-mh2q-q3fh-2475",
"ghsa-p77j-4mvh-x3m3",
"ghsa-vffh-x6r8-xx99",
"ghsa-wg65-39gg-5wfj"
]
}
cleanstart-2026-gz35045
Vulnerability from cleanstart
Multiple security vulnerabilities affect the cert-manager-cmctl-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cert-manager-cmctl-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.0-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cert-manager-cmctl-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GZ35045",
"modified": "2026-05-21T06:54:09Z",
"published": "2026-05-21T08:09:32.922319Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GZ35045.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-36537"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47910"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25518"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27143"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27144"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-29181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32952"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33811"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33814"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35469"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39817"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39819"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39820"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39823"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39825"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39826"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39836"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42499"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42501"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-gx3x-vq4p-mhhv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hr2v-4r36-88hr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh2q-q3fh-2475"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pc3f-x583-g7j2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pjcq-xvwq-hhpj"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36537"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47910"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25518"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32952"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35469"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39817"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39819"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39823"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39825"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39826"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39836"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42501"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2024-36537, CVE-2025-47910, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2026-25518, CVE-2026-27143, CVE-2026-27144, CVE-2026-29181, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-32952, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-35469, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-gx3x-vq4p-mhhv, ghsa-hr2v-4r36-88hr, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3, ghsa-pc3f-x583-g7j2, ghsa-pjcq-xvwq-hhpj applied in versions: 2.4.0-r1, 2.4.0-r2, 2.4.0-r3",
"upstream": [
"CVE-2024-36537",
"CVE-2025-47910",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2026-25518",
"CVE-2026-27143",
"CVE-2026-27144",
"CVE-2026-29181",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-32952",
"CVE-2026-33186",
"CVE-2026-33811",
"CVE-2026-33814",
"CVE-2026-35469",
"CVE-2026-39817",
"CVE-2026-39819",
"CVE-2026-39820",
"CVE-2026-39823",
"CVE-2026-39825",
"CVE-2026-39826",
"CVE-2026-39836",
"CVE-2026-42499",
"CVE-2026-42501",
"ghsa-gx3x-vq4p-mhhv",
"ghsa-hr2v-4r36-88hr",
"ghsa-mh2q-q3fh-2475",
"ghsa-p77j-4mvh-x3m3",
"ghsa-pc3f-x583-g7j2",
"ghsa-pjcq-xvwq-hhpj"
]
}
cleanstart-2026-hf07497
Vulnerability from cleanstart
Multiple security vulnerabilities affect the kyverno-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kyverno-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.14.5-r7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kyverno-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HF07497",
"modified": "2026-05-02T06:11:19Z",
"published": "2026-05-18T13:57:49.427045Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HF07497.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23991"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-66506"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-66564"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-22703"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-22772"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-23831"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-23992"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24117"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24137"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24686"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32952"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6m8w-jc87-6cr7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p436-gjf2-799p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pjcq-xvwq-hhpj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23991"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22703"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22772"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23831"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23992"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24117"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24137"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24686"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32952"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2023-23991, CVE-2025-15558, CVE-2025-47907, CVE-2025-61728, CVE-2025-61730, CVE-2025-66506, CVE-2025-66564, CVE-2026-1229, CVE-2026-22703, CVE-2026-22772, CVE-2026-23831, CVE-2026-23992, CVE-2026-24051, CVE-2026-24117, CVE-2026-24137, CVE-2026-24686, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-32952, CVE-2026-33186, CVE-2026-33810, CVE-2026-34986, CVE-2026-39883, ghsa-2x5j-vhc8-9cwm, ghsa-6m8w-jc87-6cr7, ghsa-fw7p-63qq-7hpr, ghsa-p436-gjf2-799p, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj, ghsa-vvgc-356p-c3xw applied in versions: 1.14.4-r1, 1.14.4-r2, 1.14.5-r3, 1.14.5-r4, 1.14.5-r5, 1.14.5-r6, 1.14.5-r7",
"upstream": [
"CVE-2023-23991",
"CVE-2025-15558",
"CVE-2025-47907",
"CVE-2025-61728",
"CVE-2025-61730",
"CVE-2025-66506",
"CVE-2025-66564",
"CVE-2026-1229",
"CVE-2026-22703",
"CVE-2026-22772",
"CVE-2026-23831",
"CVE-2026-23992",
"CVE-2026-24051",
"CVE-2026-24117",
"CVE-2026-24137",
"CVE-2026-24686",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-32952",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39883",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-6m8w-jc87-6cr7",
"ghsa-fw7p-63qq-7hpr",
"ghsa-p436-gjf2-799p",
"ghsa-p77j-4mvh-x3m3",
"ghsa-pjcq-xvwq-hhpj",
"ghsa-vvgc-356p-c3xw"
]
}
cleanstart-2026-hi89495
Vulnerability from cleanstart
Multiple security vulnerabilities affect the docker package. These issues are resolved in later releases. See references for individual vulnerability details.
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "docker"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "29.3.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the docker package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HI89495",
"modified": "2026-05-02T08:06:38Z",
"published": "2026-05-18T13:55:36.297138Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HI89495.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-13509"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-14271"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-13401"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-21285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-41089"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-29526"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-26054"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-23650"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-23651"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-23652"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-23653"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-24557"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-41110"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27143"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27144"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33748"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39984"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4c29-8rgm-jvjj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4vrq-3vrq-g6gg"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hfvc-g4fc-pqhx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xm5m-wgh2-rrg3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13509"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14271"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13401"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41089"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26054"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23650"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23651"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23652"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23653"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24557"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41110"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33748"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39984"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2019-13509, CVE-2019-14271, CVE-2020-13401, CVE-2021-21285, CVE-2021-41089, CVE-2022-29526, CVE-2023-26054, CVE-2024-23650, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-24557, CVE-2024-41110, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33748, CVE-2026-33810, CVE-2026-39882, CVE-2026-39883, CVE-2026-39984, ghsa-4c29-8rgm-jvjj, ghsa-4vrq-3vrq-g6gg, ghsa-78h2-9frx-2jm8, ghsa-hfvc-g4fc-pqhx, ghsa-w8rr-5gcm-pp58, ghsa-xm5m-wgh2-rrg3, ghsa-xmrv-pmrh-hhx2 applied in versions: 18.09.7-r0, 18.09.8-r0, 19.03.1-r0, 19.03.11-r0, 19.03.14-r0, 20.10.11-r0, 20.10.14-r0, 20.10.16-r0, 20.10.18-r0, 20.10.20-r0, 20.10.3-r0, 20.10.9-r0, 23.0.2-r0, 23.0.3-r0, 25.0.2-r0, 26.0.0-r0, 26.0.2-r0, 26.1.5-r0, 29.3.0-r1",
"upstream": [
"CVE-2019-13509",
"CVE-2019-14271",
"CVE-2020-13401",
"CVE-2021-21285",
"CVE-2021-41089",
"CVE-2022-29526",
"CVE-2023-26054",
"CVE-2024-23650",
"CVE-2024-23651",
"CVE-2024-23652",
"CVE-2024-23653",
"CVE-2024-24557",
"CVE-2024-41110",
"CVE-2026-27143",
"CVE-2026-27144",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33748",
"CVE-2026-33810",
"CVE-2026-39882",
"CVE-2026-39883",
"CVE-2026-39984",
"ghsa-4c29-8rgm-jvjj",
"ghsa-4vrq-3vrq-g6gg",
"ghsa-78h2-9frx-2jm8",
"ghsa-hfvc-g4fc-pqhx",
"ghsa-w8rr-5gcm-pp58",
"ghsa-xm5m-wgh2-rrg3",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-hk01840
Vulnerability from cleanstart
Multiple security vulnerabilities affect the openbao-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "openbao-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the openbao-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HK01840",
"modified": "2026-05-02T09:17:05Z",
"published": "2026-05-18T13:51:18.987325Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HK01840.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32952"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33815"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33816"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9jj7-4m8r-rfcm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hfvc-g4fc-pqhx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pjcq-xvwq-hhpj"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32952"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-68121, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-32952, CVE-2026-33186, CVE-2026-33815, CVE-2026-33816, CVE-2026-34986, CVE-2026-39883, ghsa-78h2-9frx-2jm8, ghsa-9jj7-4m8r-rfcm, ghsa-hfvc-g4fc-pqhx, ghsa-pjcq-xvwq-hhpj applied in versions: 2.4.4-r2, 2.4.4-r4, 2.4.4-r5, 2.4.4-r6, 2.4.4-r7, 2.5.0-r0, 2.5.0-r1",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-68121",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-32952",
"CVE-2026-33186",
"CVE-2026-33815",
"CVE-2026-33816",
"CVE-2026-34986",
"CVE-2026-39883",
"ghsa-78h2-9frx-2jm8",
"ghsa-9jj7-4m8r-rfcm",
"ghsa-hfvc-g4fc-pqhx",
"ghsa-pjcq-xvwq-hhpj"
]
}
cleanstart-2026-hm31566
Vulnerability from cleanstart
Multiple security vulnerabilities affect the configmap-reload package. These issues are resolved in later releases. See references for individual vulnerability details.
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "configmap-reload"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.15.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the configmap-reload package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HM31566",
"modified": "2026-05-15T07:55:34Z",
"published": "2026-05-18T12:59:52.704230Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HM31566.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33811"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33814"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39820"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39823"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39825"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39826"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39836"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42499"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39823"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39825"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39826"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39836"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 0.15.0-r0",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33811",
"CVE-2026-33814",
"CVE-2026-39820",
"CVE-2026-39823",
"CVE-2026-39825",
"CVE-2026-39826",
"CVE-2026-39836",
"CVE-2026-42499"
]
}
cleanstart-2026-hq88036
Vulnerability from cleanstart
Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "terragrunt-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.96.1-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HQ88036",
"modified": "2026-04-29T07:41:49Z",
"published": "2026-04-30T01:00:58.604637Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HQ88036.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4660"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3xc5-wrhm-f963"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6g7g-w4f8-9c9x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-92mm-2pjq-r785"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4660"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32285",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39882",
"CVE-2026-4660",
"ghsa-3xc5-wrhm-f963",
"ghsa-6g7g-w4f8-9c9x",
"ghsa-78h2-9frx-2jm8",
"ghsa-92mm-2pjq-r785",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-fw7p-63qq-7hpr",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-w8rr-5gcm-pp58",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-ht21055
Vulnerability from cleanstart
Multiple security vulnerabilities affect the ip-masq-agent package. These issues are resolved in later releases. See references for individual vulnerability details.
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "ip-masq-agent"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.12.6-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the ip-masq-agent package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HT21055",
"modified": "2026-06-04T11:28:29Z",
"published": "2026-06-08T13:39:38.650336Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HT21055.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-7598"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-13281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-1767"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61731"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32288"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4x4m-3c2p-qppc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hj2p-8wj8-pfq4"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r6j8-c6r2-37rr"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7598"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1767"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61731"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32288"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2024-7598, CVE-2025-13281, CVE-2025-1767, CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61731, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, ghsa-4x4m-3c2p-qppc, ghsa-hj2p-8wj8-pfq4, ghsa-r6j8-c6r2-37rr applied in versions: 2.12.6-r0, 2.12.6-r1",
"upstream": [
"CVE-2024-7598",
"CVE-2025-13281",
"CVE-2025-1767",
"CVE-2025-47911",
"CVE-2025-58190",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61731",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32288",
"CVE-2026-32289",
"ghsa-4x4m-3c2p-qppc",
"ghsa-hj2p-8wj8-pfq4",
"ghsa-r6j8-c6r2-37rr"
]
}
cleanstart-2026-hz73294
Vulnerability from cleanstart
Multiple security vulnerabilities affect the kube-fluentd-operator package. Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. See references for individual vulnerability details.
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kube-fluentd-operator"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.2-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kube-fluentd-operator package. Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HZ73294",
"modified": "2026-04-08T10:12:22Z",
"published": "2026-04-09T00:45:08.400884Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HZ73294.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-45288"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-24786"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-45338"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22869"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22872"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-65637"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4f99-4q7p-p3gh"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4v7x-pqxf-cx7m"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-8r3f-844c-mc37"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v778-237x-gjrc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22872"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65637"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service",
"upstream": [
"CVE-2023-45288",
"CVE-2024-24786",
"CVE-2024-45338",
"CVE-2025-22868",
"CVE-2025-22869",
"CVE-2025-22872",
"CVE-2025-47911",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-58190",
"CVE-2025-65637",
"CVE-2026-32281",
"CVE-2026-32282",
"ghsa-4f99-4q7p-p3gh",
"ghsa-4v7x-pqxf-cx7m",
"ghsa-6v2p-p543-phr9",
"ghsa-8r3f-844c-mc37",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-hcg3-q754-cr77",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-qxp5-gwg8-xv66",
"ghsa-v778-237x-gjrc",
"ghsa-vvgc-356p-c3xw"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.