Go modules package
github.com/controlplaneio-fluxcd/flux-operator
pkg:golang/github.com/controlplaneio-fluxcd/flux-operator
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-23990 | — | >= 0.36.0, < 0.40.0 | 0.40.0 | Jan 21, 2026 | The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication |
- CVE-2026-23990Jan 21, 2026affected >= 0.36.0, < 0.40.0fixed 0.40.0
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication