flux-source-controller

Direct Vulnerabilities

Known vulnerabilities in the flux-source-controller package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L Integer Overflow or Wraparound	<1.8.2-r6
L GHSA-pjcq-xvwq-hhpj	<1.8.2-r6
L GHSA-3xc5-wrhm-f963	<1.8.2-r5
L GHSA-xm5m-wgh2-rrg3	<1.8.2-r4
L Improper Certificate Validation	<1.8.2-r4
L GHSA-hr2v-4r36-88hr	<1.8.2-r4
L GHSA-vmx8-mqv2-9gmg	<1.8.2-r4
H Not Failing Securely ('Failing Open')	<1.8.2-r4
M Directory Traversal	<1.8.2-r4
H Directory Traversal	<1.8.2-r4
L GHSA-q5jf-9vfq-h4h7	<1.8.2-r4
L GHSA-hfvc-g4fc-pqhx	<1.8.2-r4
H Untrusted Search Path	<1.8.2-r4
L GHSA-x4jj-h2v8-hqqv	<1.8.2-r4
L GHSA-m4pr-4j3g-9v7v	<1.8.2-r4
L CVE-2026-32280	<1.8.2-r4
H Allocation of Resources Without Limits or Throttling	<1.8.2-r4
H Improper Certificate Validation	<1.8.2-r4
M Cross-site Scripting (XSS)	<1.8.2-r4
M Allocation of Resources Without Limits or Throttling	<1.8.2-r4
H Improper Certificate Validation	<1.8.2-r4
L GHSA-5w89-2c2x-6x66	<1.8.2-r4
L GHSA-fv83-x2xw-2j55	<1.8.2-r4
L GHSA-jrg3-gfjw-hm96	<1.8.2-r4
H Incorrect Authorization	<1.8.2-r4
L GHSA-7mr4-xjxg-34g6	<1.8.2-r4
L GHSA-gjvh-7jh8-7xhm	<1.8.2-r4
L GHSA-78h2-9frx-2jm8	<1.8.1-r5
L GHSA-gm2x-2g9h-ccm8	<1.8.1-r3
L Integer Underflow	<1.8.1-r3
L Improper Validation of Array Index	<1.8.1-r3
L Uncaught Exception	<1.8.1-r5
L GHSA-jhf3-xxhw-2wpp	<1.8.1-r3
L GHSA-p77j-4mvh-x3m3	<1.8.1-r2
L Improper Authorization	<1.8.1-r2
L GHSA-7hfw-r8qc-89v4	<1.8.1-r1
L GHSA-ph5j-38mg-j6hp	<1.8.1-r1
L GHSA-j3gx-2473-5fp8	<1.8.1-r1
L Improper Certificate Validation	<1.8.1-r1
L GHSA-j4j7-vw47-rhfq	<1.8.1-r1
L Direct Request ('Forced Browsing')	<1.8.1-r1
L Cross-site Scripting (XSS)	<1.8.1-r1
L Improper Certificate Validation	<1.8.1-r1
L GHSA-rv83-g57w-fr8j	<1.8.1-r1
L Directory Traversal	<1.8.1-r1
L Server-Side Request Forgery (SSRF)	<1.7.4-r7
L CVE-2025-47914	<1.7.4-r1
L CVE-2025-58181	<1.7.4-r1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1.7.3-r0
H Incorrect Execution-Assigned Permissions	<1.7.3-r1
L Asymmetric Resource Consumption (Amplification)	<1.5.0-r8
L Allocation of Resources Without Limits or Throttling	<1.5.0-r42
L GHSA-w32m-9786-jp63	<1.4.1-r5
L CVE-2025-22871	<1.5.0-r41
L GHSA-f9f8-9pmf-xv68	<1.6.2-r4
L GHSA-5xqw-8hwv-wg92	<1.5.0-r42
M Directory Traversal	<1.7.4-r6
C CVE-2025-68121	<1.7.4-r8
L GHSA-g9pc-8g42-g6vq	<1.5.0-r41
L GHSA-29wx-vh33-7x7r	<1.4.1-r2
L CVE-2024-45338	<1.4.1-r5
L CVE-2025-22869	<1.5.0-r5
L Improper Check for Certificate Revocation	<1.4.1-r7
L Improper Handling of Exceptional Conditions	<1.4.1-r2
L GHSA-37cx-329c-33x3	<1.7.4-r8
L GHSA-j5w8-q4qc-rx2x	<1.7.4-r1
L GHSA-mh63-6h87-95cp	<1.5.0-r8
L GHSA-45v3-38pc-874v	<1.4.1-r7
L GHSA-hcg3-q754-cr77	<1.5.0-r5
L GHSA-4c4x-jm2x-pf9j	<1.7.4-r7
L Allocation of Resources Without Limits or Throttling	<1.6.2-r4
C CVE-2026-1229	<1.8.0-r1
L Resource Exhaustion	<1.4.1-r6
L GHSA-273p-m2cw-6833	<1.7.4-r7
L GHSA-r9px-m959-cxf4	<1.4.1-r6
L GHSA-3whm-j4xm-rv8x	<1.4.1-r9
L GHSA-8jvr-vh7g-f8gx	<1.7.4-r8
L Use of Uninitialized Resource	<1.6.2-r4
L NULL Pointer Dereference	<1.7.4-r7
H Improper Verification of Cryptographic Signature	<1.7.4-r6
L GHSA-pwhc-rpq9-4c8w	<1.7.3-r1
L GHSA-846p-jg2w-w324	<1.7.4-r6
L GHSA-265r-hfxg-fhmg	<1.5.0-r7
M Improper Validation of Integrity Check Value	<1.7.4-r8
H Integer Overflow or Wraparound	<1.5.0-r7
L GHSA-qxp5-gwg8-xv66	<1.5.0-r6
H Reachable Assertion	<1.7.4-r6
L GHSA-m6hq-p25p-ffr2	<1.7.3-r1
L GHSA-h355-32pf-p2xm	<1.7.4-r8
L CVE-2025-22870	<1.5.0-r6
L GHSA-4hfp-h4cw-hj8p	<1.5.0-r42
L Allocation of Resources Without Limits or Throttling	<1.5.0-r1
L GHSA-whqx-f9j3-ch6m	<1.7.4-r5
M Memory Leak	<1.7.3-r1
L GHSA-7wrw-r4p8-38rx	<1.4.1-r8
M Insufficient Verification of Data Authenticity	<1.7.4-r5
L CVE-2025-61732	<1.7.4-r8
L GHSA-v725-9546-7q7m	<1.4.1-r6
L GHSA-6v2p-p543-phr9	<1.5.0-r4
L CVE-2024-34155	<1.3.0-r8
L CVE-2025-22866	<1.4.1-r9
L CVE-2024-34158	<1.3.0-r8
L GHSA-vfp6-jrw2-99g9	<1.7.3-r0
L Arbitrary Argument Injection	<1.4.1-r6
L CVE-2024-45337	<1.4.1-r3
L GHSA-v778-237x-gjrc	<1.4.1-r3
L Stack-based Buffer Overflow	<1.5.0-r42
L GHSA-f6x5-jh6r-wrfv	<1.7.4-r1
L GHSA-jqc5-w2xx-5vq4	<1.7.4-r6
L CVE-2024-45336	<1.4.1-r8
L GHSA-fphv-w9fq-2525	<1.7.4-r6
L GHSA-9h84-qmv7-982p	<1.6.2-r4
L GHSA-557j-xg8c-q2mm	<1.6.2-r2
L Directory Traversal	<1.7.4-r6
L GHSA-fcv2-xgw5-pqxf	<1.7.4-r6
L GHSA-q9hv-hpm4-hj6x	<1.8.0-r1
L CVE-2025-22868	<1.5.0-r4
L CVE-2024-34156	<1.3.0-r8
L CVE-2025-22872	<1.5.0-r43
L GHSA-vvgc-356p-c3xw	<1.5.0-r43
L GHSA-crqm-pwhx-j97f	<1.3.0-r8
L GHSA-3f6r-qh9c-x6mm	<1.4.1-r8
L GHSA-8xfx-rj4p-23jm	<1.3.0-r8
L GHSA-fv92-fjc5-jj9h	<1.6.2-r1
L CVE-2024-45341	<1.4.1-r8
H Arbitrary Code Injection	<1.6.2-r2
L GHSA-j7vj-rw65-4v26	<1.3.0-r8
L GHSA-c6gw-w398-hv78	<1.5.0-r1
L CVE-2024-41110	<1.3.0-r6
L CVE-2024-24791	<1.3.0-r5
M Information Exposure Through Log Files	<1.3.0-r4
M Race Condition	<1.3.0-r3
M CVE-2024-24789	<1.3.0-r2
C CVE-2024-24790	<1.3.0-r2
L CVE-2024-24788	<1.3.0-r1
L CVE-2024-24787	<1.3.0-r1
L CVE-2023-45288	<1.2.5-r2
H Allocation of Resources Without Limits or Throttling	<1.2.5-r1
M Allocation of Resources Without Limits or Throttling	<1.2.5-r1
L CVE-2024-28180	<1.2.4-r4
L CVE-2024-24786	<1.2.4-r5
H Use of Uninitialized Resource	<1.2.4-r2
M Directory Traversal	<1.2.4-r1
M Improper Validation of Integrity Check Value	<1.2.3-r1
M Cross-site Scripting (XSS)	<1.1.2-r1
H Allocation of Resources Without Limits or Throttling	<1.1.2-r1
H CVE-2023-44487	<1.1.2-r2

Vulnerability

Vulnerable Version

Integer Overflow or Wraparound

<1.8.2-r6