Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

7 advisories

Loading
Rancher Webhook is misconfigured during upgrade process Critical
CVE-2023-22651 was published for github.com/rancher/rancher (Go) Apr 24, 2023
pjbgf
SecureJoin: on windows, paths outside of the rootfs could be inadvertently produced Moderate
GHSA-6xv5-86q9-7xr8 was published for github.com/cyphar/filepath-securejoin (Go) Sep 7, 2023
pjbgf
Gitops Run insecure communication High
CVE-2022-23509 was published for github.com/weaveworks/weave-gitops (Go) Jan 9, 2023
pjbgf
Improper kubeconfig validation allows arbitrary code execution Critical
CVE-2022-24817 was published for github.com/fluxcd/flux2 (Go) May 16, 2022
pjbgf
Flux CLI Workload Injection High
CVE-2022-36035 was published for github.com/fluxcd/flux2 (Go) Sep 1, 2022
pjbgf
GitOps Run allows for Kubernetes workload injection High
CVE-2022-23508 was published for github.com/weaveworks/weave-gitops (Go) Jan 9, 2023
pjbgf
Helm Controller denial of service High
CVE-2022-36049 was published for github.com/fluxcd/flux2 (Go) Sep 16, 2022
pjbgf
ProTip! Advisories are also available from the GraphQL API