kubescape | Snyk

Direct Vulnerabilities

Known vulnerabilities in the kubescape package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Improper Access Control	<4.0.5-r0
L Allocation of Resources Without Limits or Throttling	<4.0.5-r0
L CVE-2026-4660	<4.0.5-r0
L GHSA-xm5m-wgh2-rrg3	<4.0.5-r0
L Improper Certificate Validation	<4.0.5-r0
L Improper Validation of Array Index	<4.0.5-r0
L GHSA-hr2v-4r36-88hr	<4.0.5-r0
L Uncontrolled Memory Allocation	<4.0.5-r0
L GHSA-pc3f-x583-g7j2	<4.0.5-r0
H Untrusted Search Path	<4.0.5-r0
M Directory Traversal	<4.0.5-r0
L Directory Traversal	<4.0.5-r0
L GHSA-hxv8-4j4r-cqgv	<4.0.5-r0
L GHSA-gm2x-2g9h-ccm8	<4.0.5-r0
L GHSA-hfvc-g4fc-pqhx	<4.0.5-r0
C Directory Traversal	<4.0.5-r0
L GHSA-92mm-2pjq-r785	<4.0.5-r0
L GHSA-4c29-8rgm-jvjj	<4.0.5-r0
L Uncaught Exception	<4.0.5-r0
L Integer Underflow	<4.0.5-r0
L GHSA-4vrq-3vrq-g6gg	<4.0.5-r0
L GHSA-xmrv-pmrh-hhx2	<4.0.5-r0
L GHSA-jhf3-xxhw-2wpp	<4.0.5-r0
L GHSA-78h2-9frx-2jm8	<4.0.5-r0
L GHSA-w8rr-5gcm-pp58	<4.0.5-r0
L Improper Cleanup on Thrown Exception	<4.0.5-r1
L GHSA-rjcw-vg7j-m9rc	<4.0.5-r1
H Incorrect Authorization	<4.0.3-r3
L GHSA-7mr4-xjxg-34g6	<4.0.3-r3
H Allocation of Resources Without Limits or Throttling	<4.0.3-r3
M Cross-site Scripting (XSS)	<4.0.3-r3
L GHSA-jrg3-gfjw-hm96	<4.0.3-r3
H Improper Certificate Validation	<4.0.3-r3
L CVE-2026-32280	<4.0.3-r3
M Allocation of Resources Without Limits or Throttling	<4.0.3-r3
L GHSA-gjvh-7jh8-7xhm	<4.0.3-r3
L GHSA-5w89-2c2x-6x66	<4.0.3-r3
M Link Following	<4.0.3-r3
L GHSA-x4jj-h2v8-hqqv	<4.0.3-r3
L GHSA-m4pr-4j3g-9v7v	<4.0.3-r3
L GHSA-xj38-jxc5-rppx	<4.0.3-r3
L Improper Authorization	<4.0.3-r1
L GHSA-p77j-4mvh-x3m3	<4.0.3-r1
L GHSA-rv83-g57w-fr8j	<4.0.2-r3
L CVE-2026-27139	<4.0.2-r3
L CVE-2026-27142	<4.0.2-r3
L GHSA-j4j7-vw47-rhfq	<4.0.2-r3
L GHSA-j3gx-2473-5fp8	<4.0.2-r3
L CVE-2026-25679	<4.0.2-r3
L GHSA-846p-jg2w-w324	<3.0.48-r0
L GHSA-37cx-329c-33x3	<4.0.0-r1
L GHSA-59jp-pj84-45mr	<3.0.48-r0
L Allocation of Resources Without Limits or Throttling	<3.0.37-r2
L GHSA-2x5j-vhc8-9cwm	<3.0.34-r3
M Improper Validation of Integrity Check Value	<4.0.0-r1
L CVE-2024-45337	<3.0.22-r1
H Symlink Following	<3.0.44-r0
L Improper Validation of Specified Type of Input	<3.0.34-r3
L GHSA-29wx-vh33-7x7r	<3.0.18-r1
L GHSA-f9f8-9pmf-xv68	<3.0.37-r2
H Improper Verification of Cryptographic Signature	<3.0.48-r0
L GHSA-7c64-f9jr-v9h2	<3.0.46-r0
M Memory Leak	<3.0.44-r0
H Reachable Assertion	<3.0.48-r0
L Stack-based Buffer Overflow	<3.0.34-r1
L GHSA-265r-hfxg-fhmg	<3.0.32-r1
L Improper Certificate Validation	<3.0.46-r0
L GHSA-m4gq-fm9h-8q75	<3.0.43-r0
L GHSA-4f8r-qqr9-fq8j	<3.0.18-r0
L Allocation of Resources Without Limits or Throttling	<3.0.34-r1
H Authentication Bypass	<3.0.18-r0
L GHSA-j7vj-rw65-4v26	<3.0.17-r0
L Race Condition	<3.0.37-r1
L CVE-2025-22869	<3.0.32-r1
L CVE-2025-22866	<3.0.25-r1
L GHSA-j5pm-7495-qmr3	<3.0.37-r1
L GHSA-9h8m-3fm2-qjrq	<4.0.2-r2
L Untrusted Search Path	<4.0.2-r2
L GHSA-4qg8-fj49-pxjh	<3.0.47-r0
L GHSA-cgrx-mc8f-2prm	<3.0.44-r0
L GHSA-wjrx-6529-hcj3	<3.0.38-r1
L GHSA-pwhc-rpq9-4c8w	<3.0.44-r0
L CVE-2025-8959	<3.0.38-r1
L GHSA-g9pc-8g42-g6vq	<3.0.34-r1
L GHSA-fphv-w9fq-2525	<3.0.48-r0
L GHSA-qxp5-gwg8-xv66	<3.0.31-r2
L GHSA-4hfp-h4cw-hj8p	<3.0.34-r1
L Asymmetric Resource Consumption (Amplification)	<3.0.47-r0
L GHSA-v725-9546-7q7m	<3.0.22-r3
L GHSA-w32m-9786-jp63	<3.0.22-r2
L Race Condition	<3.0.18-r0
L NULL Pointer Dereference	<3.0.48-r0
L GHSA-273p-m2cw-6833	<3.0.48-r0
L CVE-2024-34156	<3.0.17-r0
L Directory Traversal	<4.0.0-r0
L CVE-2025-22870	<3.0.31-r2
L GHSA-m6hq-p25p-ffr2	<3.0.44-r0
L GHSA-vvgc-356p-c3xw	<3.0.34-r2
L CVE-2025-22872	<3.0.34-r2
L GHSA-fcv2-xgw5-pqxf	<4.0.0-r0
L GHSA-hcg3-q754-cr77	<3.0.32-r1
L GHSA-4c4x-jm2x-pf9j	<3.0.48-r0
L Resource Exhaustion	<3.0.22-r3
L Arbitrary Argument Injection	<3.0.22-r3
L GHSA-crqm-pwhx-j97f	<3.0.17-r0
H Incorrect Execution-Assigned Permissions	<3.0.44-r0
L GHSA-8xfx-rj4p-23jm	<3.0.17-r0
H Integer Overflow or Wraparound	<3.0.32-r1
L GHSA-v778-237x-gjrc	<3.0.22-r1
L CVE-2024-45338	<3.0.22-r2
L GHSA-q9hv-hpm4-hj6x	<4.0.2-r1
L Server-Side Request Forgery (SSRF)	<3.0.48-r0
M Server-Side Request Forgery (SSRF)	<3.0.48-r0
L GHSA-5xqw-8hwv-wg92	<3.0.34-r1
L CVE-2025-22871	<3.0.34-r1
C CVE-2026-1229	<4.0.2-r1
L GHSA-3whm-j4xm-rv8x	<3.0.25-r1
L Allocation of Resources Without Limits or Throttling	<3.0.30-r1
L GHSA-rwvp-r38j-9rgg	<3.0.41-r1
L GHSA-r9px-m959-cxf4	<3.0.22-r3
L GHSA-c6gw-w398-hv78	<3.0.30-r1
L CVE-2025-22868	<3.0.31-r1
L GHSA-6v2p-p543-phr9	<3.0.31-r1
M CVE-2025-11579	<3.0.41-r1
L CVE-2025-0495	<3.0.43-r0
L Asymmetric Resource Consumption (Amplification)	<3.0.47-r0
L Asymmetric Resource Consumption (Amplification)	<3.0.32-r2
L Use of Uninitialized Resource	<3.0.37-r2
L GHSA-f83f-xpx7-ffpw	<3.0.47-r0
L GHSA-mh63-6h87-95cp	<3.0.32-r2
L GHSA-9h84-qmv7-982p	<3.0.37-r2
M Directory Traversal	<4.0.0-r0
L CVE-2024-34155	<3.0.17-r0
L GHSA-c77r-fh37-x2px	<3.0.18-r0
L Improper Handling of Exceptional Conditions	<3.0.18-r1
L GHSA-jqc5-w2xx-5vq4	<4.0.0-r0
L CVE-2024-34158	<3.0.17-r0
L CVE-2024-41110	<3.0.15-r1
L GHSA-v23v-6jw2-98fq	<3.0.15-r1
L CVE-2024-35192	<3.0.12-r0
L GHSA-xcq4-m2r3-cmrj	<3.0.12-r0
L GHSA-xfhp-jf8p-mh5w	<3.0.11-r3
H CVE-2024-6257	<3.0.11-r3
M Race Condition	<3.0.11-r2
L GHSA-m5vv-6r4h-3vj9	<3.0.11-r2
M Information Exposure Through Log Files	<3.0.11-r2
L GHSA-v6v8-xj6m-xwqh	<3.0.11-r2
C CVE-2024-24790	<3.0.11-r1
L GHSA-49gw-vxvf-fc2g	<3.0.11-r1
M CVE-2024-24789	<3.0.11-r1
L GHSA-236w-p7wf-5ph8	<3.0.11-r1
L GHSA-2jwv-jmq4-4j3r	<3.0.10-r1
L GHSA-5fq7-4mxc-535h	<3.0.10-r1
L CVE-2024-24787	<3.0.10-r1
L CVE-2024-24788	<3.0.10-r1
H Directory Traversal	<3.0.10-r0
L GHSA-rhh4-rh7c-7r5v	<3.0.10-r0
L CVE-2024-3817	<3.0.9-r0
L GHSA-q64h-39hv-4cf7	<3.0.9-r0
L GHSA-4v7x-pqxf-cx7m	<3.0.8-r3
L CVE-2023-45288	<3.0.8-r3
L GHSA-88jx-383q-w4qc	<3.0.8-r2
L GHSA-95pr-fxf5-86gv	<3.0.8-r2
H Allocation of Resources Without Limits or Throttling	<3.0.8-r2
M Allocation of Resources Without Limits or Throttling	<3.0.8-r2
H Incorrect Resource Transfer Between Spheres	<3.0.7-r1
L GHSA-mq39-4gv4-mvpx	<3.0.7-r1
H Origin Validation Error	<3.0.7-r1
L GHSA-xw73-rw38-6vjc	<3.0.7-r1
L CVE-2024-24786	<3.0.6-r1
L CVE-2024-28180	<3.0.43-r0
L GHSA-8r3f-844c-mc37	<3.0.6-r1
L GHSA-c5q2-7r4c-mv6g	<3.0.43-r0
H Use of Uninitialized Resource	<3.0.3-r8
L GHSA-r53h-jv2g-vpx6	<3.0.3-r8
L GHSA-v53g-5gjp-272r	<3.0.3-r8
M Directory Traversal	<3.0.3-r8
L GHSA-xr7r-f8xq-vfvv	<3.0.3-r7
H Exposure of Resource to Wrong Sphere	<3.0.3-r7
L GHSA-m3r6-h7wv-7xxv	<3.0.3-r7
C Incorrect Authorization	<3.0.3-r7
C Directory Traversal	<3.0.3-r7
H Race Condition	<3.0.3-r7
L GHSA-wr6v-9f75-vh2g	<3.0.3-r7
L GHSA-9p26-698r-w4hx	<3.0.3-r7
L GHSA-4v98-7qmw-rqr8	<3.0.3-r7
L GHSA-hpxr-w9w7-g4gv	<3.0.3-r7
M Improper Check for Unusual or Exceptional Conditions	<3.0.3-r7
C Directory Traversal	<3.0.3-r7
L GHSA-9763-4f94-gfch	<3.0.3-r3
M Resource Exhaustion	<3.0.3-r4
L GHSA-7f9x-gw85-8grf	<3.0.3-r4
H NULL Pointer Dereference	<3.0.3-r4
L GHSA-vfp6-jrw2-99g9	<3.0.3-r3
L GHSA-pvcr-v8j8-j5q3	<3.0.3-r4
M Loop with Unreachable Exit Condition ('Infinite Loop')	<3.0.3-r3
L GHSA-m425-mq94-257g	<3.0.3-r1
M Improper Validation of Integrity Check Value	<3.0.3-r1
L GHSA-jq35-85cj-fj4p	<3.0.3-r1
L GHSA-8pgv-569h-w5rw	<3.0.3-r1
H CVE-2023-47108	<3.0.3-r1
L GHSA-7ww5-4wqc-m92c	<3.0.3-r1
L GHSA-2c7c-3mj9-8fqh	<3.0.3-r1
L GHSA-45x7-px36-x8w8	<3.0.3-r1
L GHSA-4374-p667-p6c8	<3.0.0-r0
L GHSA-qppj-fm5r-hxr3	<3.0.0-r0
H Allocation of Resources Without Limits or Throttling	<3.0.0-r0
H CVE-2023-44487	<3.0.0-r0

Vulnerability

Vulnerable Version

Improper Access Control

<4.0.5-r0

Allocation of Resources Without Limits or Throttling

<4.0.5-r0

CVE-2026-4660

<4.0.5-r0

GHSA-xm5m-wgh2-rrg3

<4.0.5-r0

Improper Certificate Validation

<4.0.5-r0

Improper Validation of Array Index

<4.0.5-r0

GHSA-hr2v-4r36-88hr

<4.0.5-r0

Uncontrolled Memory Allocation

<4.0.5-r0

GHSA-pc3f-x583-g7j2

<4.0.5-r0

Untrusted Search Path

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

<4.0.5-r0

Improper Cleanup on Thrown Exception

<4.0.5-r1

GHSA-rjcw-vg7j-m9rc

<4.0.5-r1

Incorrect Authorization

<4.0.3-r3

GHSA-7mr4-xjxg-34g6

<4.0.3-r3

Allocation of Resources Without Limits or Throttling

<4.0.3-r3

Cross-site Scripting (XSS)

<4.0.3-r3

GHSA-jrg3-gfjw-hm96

<4.0.3-r3

Improper Certificate Validation

<4.0.3-r3

CVE-2026-32280

<4.0.3-r3

Allocation of Resources Without Limits or Throttling

<4.0.3-r3

<4.0.3-r3

<4.0.3-r3

<4.0.3-r3

<4.0.3-r3

<4.0.3-r3

<4.0.3-r3

Improper Authorization

<4.0.3-r1

<4.0.3-r1

<4.0.2-r3

<4.0.2-r3

<4.0.2-r3

<4.0.2-r3

<4.0.2-r3

<4.0.2-r3

<3.0.48-r0

<4.0.0-r1

<3.0.48-r0

Allocation of Resources Without Limits or Throttling

<3.0.37-r2

GHSA-2x5j-vhc8-9cwm

<3.0.34-r3

Improper Validation of Integrity Check Value

<4.0.0-r1

CVE-2024-45337

<3.0.22-r1

Symlink Following

<3.0.44-r0

Improper Validation of Specified Type of Input

<3.0.34-r3

GHSA-29wx-vh33-7x7r

<3.0.18-r1

GHSA-f9f8-9pmf-xv68

<3.0.37-r2

Improper Verification of Cryptographic Signature

<3.0.48-r0

GHSA-7c64-f9jr-v9h2

<3.0.46-r0

Memory Leak

<3.0.44-r0

Reachable Assertion

<3.0.48-r0

Stack-based Buffer Overflow

<3.0.34-r1

GHSA-265r-hfxg-fhmg

<3.0.32-r1

Improper Certificate Validation

<3.0.46-r0

GHSA-m4gq-fm9h-8q75

<3.0.43-r0

GHSA-4f8r-qqr9-fq8j

<3.0.18-r0

Allocation of Resources Without Limits or Throttling

<3.0.34-r1

Authentication Bypass

<3.0.18-r0

<3.0.17-r0

<3.0.37-r1

<3.0.32-r1

<3.0.25-r1

<3.0.37-r1

<4.0.2-r2

Untrusted Search Path

<4.0.2-r2

<3.0.47-r0

<3.0.44-r0

<3.0.38-r1

<3.0.44-r0

<3.0.38-r1

<3.0.34-r1

<3.0.48-r0

<3.0.31-r2

<3.0.34-r1

Asymmetric Resource Consumption (Amplification)

<3.0.47-r0

GHSA-v725-9546-7q7m

<3.0.22-r3

GHSA-w32m-9786-jp63

<3.0.22-r2

Race Condition

<3.0.18-r0

NULL Pointer Dereference

<3.0.48-r0

<3.0.48-r0

<3.0.17-r0

<4.0.0-r0

<3.0.31-r2

<3.0.44-r0

<3.0.34-r2

<3.0.34-r2

<4.0.0-r0

<3.0.32-r1

<3.0.48-r0

<3.0.22-r3

Arbitrary Argument Injection

<3.0.22-r3

GHSA-crqm-pwhx-j97f

<3.0.17-r0

Incorrect Execution-Assigned Permissions

<3.0.44-r0

GHSA-8xfx-rj4p-23jm

<3.0.17-r0

Integer Overflow or Wraparound

<3.0.32-r1

GHSA-v778-237x-gjrc

<3.0.22-r1

CVE-2024-45338

<3.0.22-r2

GHSA-q9hv-hpm4-hj6x

<4.0.2-r1

Server-Side Request Forgery (SSRF)

<3.0.48-r0

Server-Side Request Forgery (SSRF)

<3.0.48-r0

<3.0.34-r1

<3.0.34-r1

<4.0.2-r1

<3.0.25-r1

Allocation of Resources Without Limits or Throttling

<3.0.30-r1

<3.0.41-r1

<3.0.22-r3

<3.0.30-r1

<3.0.31-r1

<3.0.31-r1

<3.0.41-r1

<3.0.43-r0

Asymmetric Resource Consumption (Amplification)

<3.0.47-r0

Asymmetric Resource Consumption (Amplification)

<3.0.32-r2

Use of Uninitialized Resource

<3.0.37-r2

<3.0.47-r0

<3.0.32-r2

<3.0.37-r2

<4.0.0-r0

<3.0.17-r0

<3.0.18-r0

Improper Handling of Exceptional Conditions

<3.0.18-r1

<4.0.0-r0

<3.0.17-r0

<3.0.15-r1

<3.0.15-r1

<3.0.12-r0

<3.0.12-r0

<3.0.11-r3

<3.0.11-r3

<3.0.11-r2

<3.0.11-r2

Information Exposure Through Log Files

<3.0.11-r2

<3.0.11-r2

<3.0.11-r1

<3.0.11-r1

<3.0.11-r1

<3.0.11-r1

<3.0.10-r1

<3.0.10-r1

<3.0.10-r1

<3.0.10-r1

<3.0.10-r0

<3.0.10-r0

<3.0.9-r0

<3.0.9-r0

<3.0.8-r3

<3.0.8-r3

<3.0.8-r2

<3.0.8-r2

Allocation of Resources Without Limits or Throttling

<3.0.8-r2

Allocation of Resources Without Limits or Throttling

<3.0.8-r2

Incorrect Resource Transfer Between Spheres

<3.0.7-r1

GHSA-mq39-4gv4-mvpx

<3.0.7-r1

Origin Validation Error

<3.0.7-r1

<3.0.7-r1

<3.0.6-r1

<3.0.43-r0

<3.0.6-r1

<3.0.43-r0

Use of Uninitialized Resource

<3.0.3-r8

<3.0.3-r8

<3.0.3-r8

<3.0.3-r8

<3.0.3-r7

Exposure of Resource to Wrong Sphere

<3.0.3-r7

GHSA-m3r6-h7wv-7xxv

<3.0.3-r7

Incorrect Authorization

<3.0.3-r7

<3.0.3-r7

<3.0.3-r7

<3.0.3-r7

<3.0.3-r7

<3.0.3-r7

<3.0.3-r7

Improper Check for Unusual or Exceptional Conditions

<3.0.3-r7

<3.0.3-r7

<3.0.3-r3

<3.0.3-r4

<3.0.3-r4

NULL Pointer Dereference

<3.0.3-r4

GHSA-vfp6-jrw2-99g9

<3.0.3-r3

GHSA-pvcr-v8j8-j5q3

<3.0.3-r4

Loop with Unreachable Exit Condition ('Infinite Loop')

<3.0.3-r3

GHSA-m425-mq94-257g

<3.0.3-r1

Improper Validation of Integrity Check Value

<3.0.3-r1

<3.0.3-r1

<3.0.3-r1

<3.0.3-r1

<3.0.3-r1

<3.0.3-r1

<3.0.3-r1

<3.0.0-r0

<3.0.0-r0

Allocation of Resources Without Limits or Throttling

<3.0.0-r0

CVE-2023-44487

<3.0.0-r0