keda-fips-2.18-admission-webhooks

Direct Vulnerabilities

Known vulnerabilities in the keda-fips-2.18-admission-webhooks package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L CVE-2026-46595	<2.18.3-r17
L Out-of-Bounds	<2.18.3-r17
L Improper Certificate Validation	<2.18.3-r17
L CVE-2026-46598	<2.18.3-r17
L Improper Restriction of Rendered UI Layers or Frames	<2.18.3-r17
L Improper Verification of Cryptographic Signature	<2.18.3-r17
L Missing Authorization	<2.18.3-r17
L CVE-2026-39824	<2.18.3-r17
L Cross-site Scripting (XSS)	<2.18.3-r17
L Improper Certificate Validation	<2.18.3-r17
L Deserialization of Untrusted Data	<2.18.3-r17
L Improper Enforcement of Message Integrity During Transmission in a Communication Channel	<2.18.3-r17
L CVE-2026-39821	<2.18.3-r17
L Missing Authorization	<2.18.3-r17
L Improper Restriction of Rendered UI Layers or Frames	<2.18.3-r17
L Integer Overflow or Wraparound	<2.18.3-r17
L Incorrect Type Conversion or Cast	<2.18.3-r17
L Improper Restriction of Rendered UI Layers or Frames	<2.18.3-r17
L Resource Exhaustion	<2.18.3-r17
L Improper Certificate Validation	<2.18.3-r17
M CVE-2025-47911	<2.18.1-r2
L CVE-2026-42504	<2.18.3-r16
L Reachable Assertion	<2.18.1-r2
L CVE-2026-27145	<2.18.3-r16
L CVE-2026-42507	<2.18.3-r16
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2.18.1-r2
L Improper Encoding or Escaping of Output	<2.18.3-r15
L CVE-2026-39825	<2.18.3-r15
H Double Free	<2.18.3-r15
L CVE-2026-42501	<2.18.3-r15
H NULL Pointer Dereference	<2.18.3-r15
L Cross-site Scripting (XSS)	<2.18.3-r15
H Loop with Unreachable Exit Condition ('Infinite Loop')	<2.18.3-r15
M Link Following	<2.18.3-r15
L CVE-2026-42499	<2.18.3-r15
M Out-of-bounds Write	<2.18.3-r15
H Allocation of Resources Without Limits or Throttling	<2.18.3-r15
L Resource Exhaustion	*
L Information Exposure	*
M Cross-site Scripting (XSS)	*
L CVE-2026-33816	*
C SQL Injection	*
L Allocation of Resources Without Limits or Throttling	<2.18.3-r14
H Access of Resource Using Incompatible Type ('Type Confusion')	<2.18.3-r12
C CVE-2026-27143	<2.18.3-r12
M Allocation of Resources Without Limits or Throttling	<2.18.3-r12
M Cross-site Scripting (XSS)	<2.18.3-r12
H Incorrect Authorization	<2.18.3-r12
L CVE-2026-32280	<2.18.3-r12
M Link Following	<2.18.3-r12
H Allocation of Resources Without Limits or Throttling	<2.18.3-r12
H Improper Certificate Validation	<2.18.3-r12
H Improper Certificate Validation	<2.18.3-r12
L Uncontrolled Memory Allocation	<2.18.3-r14
H Untrusted Search Path	<2.18.3-r14
L Uncaught Exception	<2.18.3-r11
L Improper Authorization	<2.18.3-r10
L Improper Certificate Validation	<2.18.3-r9
L Improper Certificate Validation	<2.18.3-r9
L Direct Request ('Forced Browsing')	<2.18.3-r9
L Cross-site Scripting (XSS)	<2.18.3-r9
L Directory Traversal	<2.18.3-r9
L Untrusted Search Path	<2.18.3-r8
L Improper Initialization	<2.18.3-r5
C CVE-2025-68121	<2.18.3-r4
L CVE-2025-61732	<2.18.3-r4
L CVE-2025-61731	<2.18.3-r2
L CVE-2025-61730	<2.18.3-r2
L Allocation of Resources Without Limits or Throttling	<2.18.3-r2
L Out-of-bounds Write	<2.18.3-r2
L Allocation of Resources Without Limits or Throttling	<2.18.3-r2
L Allocation of Resources Without Limits or Throttling	<2.18.3-r1
L Improper Certificate Validation	<2.18.1-r3
L Improper Certificate Validation	<2.18.1-r3
L CVE-2025-58181	<2.18.1-r2
L CVE-2025-47914	<2.18.1-r2
L CVE-2025-61725	<2.18.1-r1
L CVE-2025-47912	<2.18.1-r1
L Improper Certificate Validation	<2.18.1-r1
L CVE-2025-58186	<2.18.1-r1
L Algorithmic Complexity	<2.18.1-r1
L Information Exposure Through Log Files	<2.18.1-r1
L CVE-2025-58183	<2.18.1-r1
L Allocation of Resources Without Limits or Throttling	<2.18.1-r1
L Allocation of Resources Without Limits or Throttling	<2.18.1-r1
L Allocation of Resources Without Limits or Throttling	<2.18.1-r1

keda-fips-2.18-admission-webhooks

Direct Vulnerabilities

Fix vulnerabilities automatically