VYPR
Vendor

Bitnami

Products
6
CVEs
5
Across products
5
Status
Private

Products

6

Recent CVEs

5
  • CVE-2025-41240CriJul 24, 2025
    risk 0.65cvss 10.0epss 0.01

    Three Bitnami Helm charts mount Kubernetes Secrets under a predictable path (/opt/bitnami/*/secrets) that is located within the web server document root. In affected versions, this can lead to unauthenticated access to sensitive credentials via HTTP/S. A remote attacker could…

  • CVE-2021-21979HigMar 3, 2021
    risk 0.48cvss 7.3epss 0.01

    In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env is generated at the time that the docker image bitnami/laravel was built, and…

  • CVE-2026-47846Jun 18, 2026
    risk 0.00cvss epss 0.00

    Bitnami Cassandra container images are affected by a retained default superuser vulnerability. When a custom administrator account is configured via the CASSANDRA_USER environment variable, the container initialization script creates the new superuser account but fails to drop…

  • CVE-2026-47847Jun 18, 2026
    risk 0.00cvss epss 0.00

    Bitnami MariaDB Galera container images and Helm chart are affected by a hardcoded default credential vulnerability in the Galera replication health-check user. The MARIADB_REPLICATION_USER and MARIADB_REPLICATION_PASSWORD environment variables defaulted to monitor and monitor…

  • CVE-2025-22248May 13, 2025
    risk 0.00cvss epss 0.00

    The bitnami/pgpool Docker image, and the bitnami/postgres-ha k8s chart, under default configurations, comes with an 'repmgr' user that allows unauthenticated access to the database inside the cluster. The PGPOOL_SR_CHECK_USER is the user that Pgpool itself uses to perform…