karpenter-1.10

Direct Vulnerabilities

Known vulnerabilities in the karpenter-1.10 package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
CVE-2026-39821

<1.10.1-r0
  • L
Improper Restriction of Rendered UI Layers or Frames

<1.10.1-r0
  • L
GHSA-m9x8-m34x-fj9q

<1.10.1-r0
  • L
Improper Restriction of Rendered UI Layers or Frames

<1.10.1-r0
  • L
GHSA-w2q5-6q6x-x959

<1.10.1-r0
  • L
Resource Exhaustion

<1.10.1-r0
  • L
GHSA-wrh2-89vg-4j9g

<1.10.1-r0
  • L
Improper Restriction of Rendered UI Layers or Frames

<1.10.1-r0
  • L
Cross-site Scripting (XSS)

<1.10.1-r0
  • L
GHSA-w9p8-pvxh-rxpj

<1.10.1-r0
  • L
GHSA-cg87-vwwh-xvgj

<1.10.1-r0
  • L
GHSA-5cv4-jp36-h3mw

<1.10.1-r0
  • L
GHSA-xcgv-8mv7-v8c7

<1.10.0-r6
  • L
GHSA-ff52-ph69-cf7x

<1.10.0-r6
  • L
CVE-2026-42505

<1.10.0-r6
  • L
CVE-2026-39822

<1.10.0-r6
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<1.10.1-r0
  • L
CVE-2026-42501

<1.10.0-r3
  • H
Allocation of Resources Without Limits or Throttling

<1.10.0-r3
  • H
Double Free

<1.10.0-r3
  • L
GHSA-3v2c-x6q9-f697

<1.10.0-r3
  • L
GHSA-497x-jcxf-m478

<1.10.0-r3
  • H
NULL Pointer Dereference

<1.10.0-r3
  • L
CVE-2026-42499

<1.10.0-r3
  • L
GHSA-p9h5-jm8x-mjm5

<1.10.0-r3
  • L
GHSA-h74g-238j-357m

<1.10.0-r3
  • L
Improper Encoding or Escaping of Output

<1.10.0-r3
  • L
Cross-site Scripting (XSS)

<1.10.0-r3
  • M
Link Following

<1.10.0-r3
  • L
CVE-2026-39825

<1.10.0-r3
  • L
GHSA-8g2r-hhvj-mv99

<1.10.0-r3
  • L
GHSA-5m4p-2gjx-p2g8

<1.10.0-r3
  • L
GHSA-qf3q-3h68-mmh2

<1.10.0-r3
  • L
GHSA-2283-wf8c-rw8r

<1.10.0-r3
  • L
GHSA-xq5j-9r39-c3vf

<1.10.0-r3
  • M
Out-of-bounds Write

<1.10.0-r3
  • L
GHSA-qc64-m6c2-v4x7

<1.10.0-r3
  • L
GHSA-cfp9-33rc-j74f

<1.10.0-r2
  • L
GHSA-fv83-x2xw-2j55

<1.10.0-r2
  • L
GHSA-jrg3-gfjw-hm96

<1.10.0-r2
  • L
GHSA-xj38-jxc5-rppx

<1.10.0-r2
  • L
GHSA-gjvh-7jh8-7xhm

<1.10.0-r2
  • M
Cross-site Scripting (XSS)

<1.10.0-r2
  • H
Incorrect Authorization

<1.10.0-r2
  • L
GHSA-m4pr-4j3g-9v7v

<1.10.0-r2
  • H
Improper Certificate Validation

<1.10.0-r2
  • M
Allocation of Resources Without Limits or Throttling

<1.10.0-r2
  • H
Improper Certificate Validation

<1.10.0-r2
  • M
Link Following

<1.10.0-r2
  • L
GHSA-cqrx-3m42-5p5w

<1.10.0-r2
  • L
GHSA-x4jj-h2v8-hqqv

<1.10.0-r2
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<1.10.0-r2
  • L
GHSA-5w89-2c2x-6x66

<1.10.0-r2
  • C
CVE-2026-27143

<1.10.0-r2
  • L
GHSA-7mr4-xjxg-34g6

<1.10.0-r2
  • L
CVE-2026-32280

<1.10.0-r2
  • H
Allocation of Resources Without Limits or Throttling

<1.10.0-r2