Go modules package
github.com/fluxcd/source-controller
pkg:golang/github.com/fluxcd/source-controller
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-31216 | Med | 5.1 | < 1.2.5 | 1.2.5 | May 15, 2024 | The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, OCI, Helm repositories and S3-compatible buckets. The source-controller implements the source.toolkit.fluxcd.io API and is a core component of the GitOps toolki | |
| CVE-2022-39272 | — | >= 0.0.1-alpha-1, < 0.30.0 | 0.30.0 | Oct 21, 2022 | Flux is an open and extensible continuous delivery solution for Kubernetes. Versions prior to 0.35.0 are subject to a Denial of Service. Users that have permissions to change Flux’s objects, either through a Flux source or directly within a cluster, can provide invalid data to fi |
- affected < 1.2.5fixed 1.2.5
The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, OCI, Helm repositories and S3-compatible buckets. The source-controller implements the source.toolkit.fluxcd.io API and is a core component of the GitOps toolki
- CVE-2022-39272Oct 21, 2022affected >= 0.0.1-alpha-1, < 0.30.0fixed 0.30.0
Flux is an open and extensible continuous delivery solution for Kubernetes. Versions prior to 0.35.0 are subject to a Denial of Service. Users that have permissions to change Flux’s objects, either through a Flux source or directly within a cluster, can provide invalid data to fi