flux-source-controller vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the flux-source-controller package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L GHSA-p77j-4mvh-x3m3	<1.8.1-r2
L Improper Authorization	<1.8.1-r2
L GHSA-7hfw-r8qc-89v4	<1.8.1-r1
L GHSA-ph5j-38mg-j6hp	<1.8.1-r1
L GHSA-j3gx-2473-5fp8	<1.8.1-r1
L CVE-2026-27138	<1.8.1-r1
L GHSA-j4j7-vw47-rhfq	<1.8.1-r1
L CVE-2026-25679	<1.8.1-r1
L CVE-2026-27142	<1.8.1-r1
L CVE-2026-27137	<1.8.1-r1
L GHSA-rv83-g57w-fr8j	<1.8.1-r1
L CVE-2026-27139	<1.8.1-r1
L Server-Side Request Forgery (SSRF)	<1.7.4-r7
L CVE-2025-47914	<1.7.4-r1
L CVE-2025-58181	<1.7.4-r1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1.7.3-r0
H Incorrect Execution-Assigned Permissions	<1.7.3-r1
L Asymmetric Resource Consumption (Amplification)	<1.5.0-r8
L Allocation of Resources Without Limits or Throttling	<1.5.0-r42
L GHSA-w32m-9786-jp63	<1.4.1-r5
L CVE-2025-22871	<1.5.0-r41
L GHSA-f9f8-9pmf-xv68	<1.6.2-r4
L GHSA-5xqw-8hwv-wg92	<1.5.0-r42
M Directory Traversal	<1.7.4-r6
C CVE-2025-68121	<1.7.4-r8
L GHSA-g9pc-8g42-g6vq	<1.5.0-r41
L GHSA-29wx-vh33-7x7r	<1.4.1-r2
L CVE-2024-45338	<1.4.1-r5
L CVE-2025-22869	<1.5.0-r5
L Improper Check for Certificate Revocation	<1.4.1-r7
L Improper Handling of Exceptional Conditions	<1.4.1-r2
L GHSA-37cx-329c-33x3	<1.7.4-r8
L GHSA-j5w8-q4qc-rx2x	<1.7.4-r1
L GHSA-mh63-6h87-95cp	<1.5.0-r8
L GHSA-45v3-38pc-874v	<1.4.1-r7
L GHSA-hcg3-q754-cr77	<1.5.0-r5
L GHSA-4c4x-jm2x-pf9j	<1.7.4-r7
L Allocation of Resources Without Limits or Throttling	<1.6.2-r4
C CVE-2026-1229	<1.8.0-r1
L Resource Exhaustion	<1.4.1-r6
L GHSA-273p-m2cw-6833	<1.7.4-r7
L GHSA-r9px-m959-cxf4	<1.4.1-r6
L GHSA-3whm-j4xm-rv8x	<1.4.1-r9
L GHSA-8jvr-vh7g-f8gx	<1.7.4-r8
L Use of Uninitialized Resource	<1.6.2-r4
L NULL Pointer Dereference	<1.7.4-r7
H Improper Verification of Cryptographic Signature	<1.7.4-r6
L GHSA-pwhc-rpq9-4c8w	<1.7.3-r1
L GHSA-846p-jg2w-w324	<1.7.4-r6
L GHSA-265r-hfxg-fhmg	<1.5.0-r7
M Improper Validation of Integrity Check Value	<1.7.4-r8
H Integer Overflow or Wraparound	<1.5.0-r7
L GHSA-qxp5-gwg8-xv66	<1.5.0-r6
H Reachable Assertion	<1.7.4-r6
L GHSA-m6hq-p25p-ffr2	<1.7.3-r1
L GHSA-h355-32pf-p2xm	<1.7.4-r8
L CVE-2025-22870	<1.5.0-r6
L GHSA-4hfp-h4cw-hj8p	<1.5.0-r42
L Allocation of Resources Without Limits or Throttling	<1.5.0-r1
L GHSA-whqx-f9j3-ch6m	<1.7.4-r5
M Memory Leak	<1.7.3-r1
L GHSA-7wrw-r4p8-38rx	<1.4.1-r8
M Insufficient Verification of Data Authenticity	<1.7.4-r5
L CVE-2025-61732	<1.7.4-r8
L GHSA-v725-9546-7q7m	<1.4.1-r6
L GHSA-6v2p-p543-phr9	<1.5.0-r4
L CVE-2024-34155	<1.3.0-r8
L CVE-2025-22866	<1.4.1-r9
L CVE-2024-34158	<1.3.0-r8
L GHSA-vfp6-jrw2-99g9	<1.7.3-r0
L Arbitrary Argument Injection	<1.4.1-r6
L CVE-2024-45337	<1.4.1-r3
L GHSA-v778-237x-gjrc	<1.4.1-r3
L Stack-based Buffer Overflow	<1.5.0-r42
L GHSA-f6x5-jh6r-wrfv	<1.7.4-r1
L GHSA-jqc5-w2xx-5vq4	<1.7.4-r6
L CVE-2024-45336	<1.4.1-r8
L GHSA-fphv-w9fq-2525	<1.7.4-r6
L GHSA-9h84-qmv7-982p	<1.6.2-r4
L GHSA-557j-xg8c-q2mm	<1.6.2-r2
L Directory Traversal	<1.7.4-r6
L GHSA-fcv2-xgw5-pqxf	<1.7.4-r6
L GHSA-q9hv-hpm4-hj6x	<1.8.0-r1
L CVE-2025-22868	<1.5.0-r4
L CVE-2024-34156	<1.3.0-r8
L CVE-2025-22872	<1.5.0-r43
L GHSA-vvgc-356p-c3xw	<1.5.0-r43
L GHSA-crqm-pwhx-j97f	<1.3.0-r8
L GHSA-3f6r-qh9c-x6mm	<1.4.1-r8
L GHSA-8xfx-rj4p-23jm	<1.3.0-r8
L GHSA-fv92-fjc5-jj9h	<1.6.2-r1
L CVE-2024-45341	<1.4.1-r8
H Arbitrary Code Injection	<1.6.2-r2
L GHSA-j7vj-rw65-4v26	<1.3.0-r8
L GHSA-c6gw-w398-hv78	<1.5.0-r1
L GHSA-v23v-6jw2-98fq	<1.3.0-r6
L CVE-2024-41110	<1.3.0-r6
L GHSA-hw49-2p59-3mhj	<1.3.0-r5
L CVE-2024-24791	<1.3.0-r5
L GHSA-v6v8-xj6m-xwqh	<1.3.0-r4
M Information Exposure Through Log Files	<1.3.0-r4
M Race Condition	<1.3.0-r3
L GHSA-m5vv-6r4h-3vj9	<1.3.0-r3
M CVE-2024-24789	<1.3.0-r2
C CVE-2024-24790	<1.3.0-r2
L GHSA-49gw-vxvf-fc2g	<1.3.0-r2
L GHSA-236w-p7wf-5ph8	<1.3.0-r2
L CVE-2024-24788	<1.3.0-r1
L GHSA-5fq7-4mxc-535h	<1.3.0-r1
L GHSA-2jwv-jmq4-4j3r	<1.3.0-r1
L CVE-2024-24787	<1.3.0-r1
L GHSA-4v7x-pqxf-cx7m	<1.2.5-r2
L CVE-2023-45288	<1.2.5-r2
L GHSA-95pr-fxf5-86gv	<1.2.5-r1
L GHSA-88jx-383q-w4qc	<1.2.5-r1
H Allocation of Resources Without Limits or Throttling	<1.2.5-r1
M Allocation of Resources Without Limits or Throttling	<1.2.5-r1
L GHSA-8r3f-844c-mc37	<1.2.4-r5
L CVE-2024-28180	<1.2.4-r4
L CVE-2024-24786	<1.2.4-r5
L GHSA-c5q2-7r4c-mv6g	<1.2.4-r4
L GHSA-r53h-jv2g-vpx6	<1.2.4-r2
H Use of Uninitialized Resource	<1.2.4-r2
M Directory Traversal	<1.2.4-r1
L GHSA-v53g-5gjp-272r	<1.2.4-r1
L GHSA-9763-4f94-gfch	<1.2.3-r3
L GHSA-7ww5-4wqc-m92c	<1.2.3-r2
M Improper Validation of Integrity Check Value	<1.2.3-r1
L GHSA-45x7-px36-x8w8	<1.2.3-r1
L GHSA-4374-p667-p6c8	<1.1.2-r1
L GHSA-2wrh-6pvc-2jm9	<1.1.2-r1
L GHSA-qppj-fm5r-hxr3	<1.1.2-r2
L GHSA-m425-mq94-257g	<1.1.2-r2
L GHSA-2c7c-3mj9-8fqh	<1.1.2-r3
M Cross-site Scripting (XSS)	<1.1.2-r1
H Allocation of Resources Without Limits or Throttling	<1.1.2-r1
H CVE-2023-44487	<1.1.2-r2

Vulnerability

Vulnerable Version

GHSA-p77j-4mvh-x3m3

<1.8.1-r2