Homepage

tkn

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the tkn package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
Improper Certificate Validation

<0.44.1-r3
  • L
GHSA-xm5m-wgh2-rrg3

<0.44.1-r3
  • L
GHSA-5w89-2c2x-6x66

<0.44.1-r2
  • M
Cross-site Scripting (XSS)

<0.44.1-r2
  • L
GHSA-cfp9-33rc-j74f

<0.44.1-r2
  • H
Allocation of Resources Without Limits or Throttling

<0.44.1-r2
  • C
CVE-2026-27143

<0.44.1-r2
  • L
GHSA-7mr4-xjxg-34g6

<0.44.1-r2
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0.44.1-r2
  • H
Incorrect Authorization

<0.44.1-r2
  • L
GHSA-cqrx-3m42-5p5w

<0.44.1-r2
  • L
CVE-2026-32280

<0.44.1-r2
  • M
Allocation of Resources Without Limits or Throttling

<0.44.1-r2
  • L
GHSA-gjvh-7jh8-7xhm

<0.44.1-r2
  • L
GHSA-m4pr-4j3g-9v7v

<0.44.1-r2
  • H
Improper Certificate Validation

<0.44.1-r2
  • L
GHSA-x4jj-h2v8-hqqv

<0.44.1-r2
  • L
GHSA-jrg3-gfjw-hm96

<0.44.1-r2
  • L
GHSA-hfvc-g4fc-pqhx

<0.44.1-r1
  • H
Untrusted Search Path

<0.44.1-r1
  • L
Uncaught Exception

<0.44.0-r5
  • L
GHSA-78h2-9frx-2jm8

<0.44.0-r5
  • L
Improper Validation of Array Index

<0.44.0-r4
  • L
GHSA-cv4x-93xx-wgfj

<0.44.0-r4
  • L
GHSA-j5q5-j9gm-2w5c

<0.44.0-r4
  • L
Improper Authorization

<0.44.0-r4
  • C
Directory Traversal

<0.44.0-r4
  • L
GHSA-p77j-4mvh-x3m3

<0.44.0-r4
  • L
GHSA-j3gx-2473-5fp8

<0.44.0-r2
  • L
Cross-site Scripting (XSS)

<0.44.0-r2
  • L
GHSA-j4j7-vw47-rhfq

<0.44.0-r2
  • L
GHSA-rv83-g57w-fr8j

<0.44.0-r2
  • L
Directory Traversal

<0.44.0-r2
  • L
Direct Request ('Forced Browsing')

<0.44.0-r2
  • L
GHSA-h355-32pf-p2xm

<0.43.0-r8
  • M
Directory Traversal

<0.43.0-r6
  • L
GHSA-fphv-w9fq-2525

<0.43.0-r5
  • L
GHSA-f83f-xpx7-ffpw

<0.43.0-r2
  • L
GHSA-2x5j-vhc8-9cwm

<0.41.0-r1
  • L
Improper Initialization

<0.43.0-r9
  • M
Open Redirect

<0.40.0-r4
  • L
GHSA-8jvr-vh7g-f8gx

<0.43.0-r8
  • L
GHSA-846p-jg2w-w324

<0.43.0-r5
  • L
Improper Handling of Exceptional Conditions

<0.38.1-r2
  • L
CVE-2024-34156

<0.38.1-r0
  • L
GHSA-whqx-f9j3-ch6m

<0.43.0-r7
  • L
GHSA-8pjc-487g-w6p2

<0.42.0-r2
  • L
GHSA-vvgc-356p-c3xw

<0.40.0-r7
  • L
GHSA-qxp5-gwg8-xv66

<0.40.0-r4
  • L
GHSA-vrw8-fxc6-2r93

<0.41.0-r2
  • H
Improper Verification of Cryptographic Signature

<0.43.0-r5
  • L
GHSA-j7vj-rw65-4v26

<0.38.1-r0
  • L
GHSA-hcg3-q754-cr77

<0.40.0-r4
  • L
GHSA-3whm-j4xm-rv8x

<0.39.1-r1
  • L
GHSA-w32m-9786-jp63

<0.39.0-r2
  • L
CVE-2025-22869

<0.40.0-r4
  • L
Improper Validation of Specified Type of Input

<0.41.0-r1
  • L
GHSA-72c7-4g63-hpw5

<0.42.0-r3
  • L
Race Condition

<0.42.0-r3
  • L
Asymmetric Resource Consumption (Amplification)

<0.43.0-r7
  • L
GHSA-4qg8-fj49-pxjh

<0.43.0-r7
  • L
CVE-2025-47910

<0.42.0-r2
  • L
CVE-2025-22868

<0.40.0-r3
  • L
GHSA-v778-237x-gjrc

<0.39.0-r1
  • L
GHSA-9h8m-3fm2-qjrq

<0.44.0-r1
  • L
Allocation of Resources Without Limits or Throttling

<0.40.0-r1
  • L
Untrusted Search Path

<0.44.0-r1
  • L
GHSA-jqc5-w2xx-5vq4

<0.43.0-r6
  • L
GHSA-4f8r-qqr9-fq8j

<0.42.0-r3
  • L
GHSA-4c4x-jm2x-pf9j

<0.43.0-r4
  • L
GHSA-fw7p-63qq-7hpr

<0.43.0-r9
  • L
GHSA-fv92-fjc5-jj9h

<0.41.0-r3
  • L
CVE-2025-22871

<0.40.0-r6
  • L
GHSA-273p-m2cw-6833

<0.43.0-r4
  • L
CVE-2025-22872

<0.40.0-r7
  • M
Insufficient Verification of Data Authenticity

<0.43.0-r7
  • L
Improper Certificate Validation

<0.42.0-r3
  • L
CVE-2024-45338

<0.39.0-r2
  • L
GHSA-g9pc-8g42-g6vq

<0.40.0-r6
  • L
GHSA-fcv2-xgw5-pqxf

<0.43.0-r3
  • L
Asymmetric Resource Consumption (Amplification)

<0.40.0-r5
  • L
CVE-2025-22870

<0.40.0-r4
  • L
Asymmetric Resource Consumption (Amplification)

<0.43.0-r2
  • L
GHSA-c6gw-w398-hv78

<0.40.0-r1
  • L
CVE-2024-34155

<0.38.1-r0
  • L
CVE-2025-22866

<0.39.1-r1
  • L
CVE-2024-34158

<0.38.1-r0
  • L
GHSA-mh63-6h87-95cp

<0.40.0-r5
  • C
CVE-2025-68121

<0.43.0-r8
  • L
Server-Side Request Forgery (SSRF)

<0.43.0-r4
  • H
Reachable Assertion

<0.43.0-r5
  • L
NULL Pointer Dereference

<0.43.0-r4
  • L
GHSA-29wx-vh33-7x7r

<0.38.1-r2
  • L
GHSA-33c5-9fx5-fvjm

<0.40.0-r4
  • L
CVE-2025-61732

<0.43.0-r8
  • L
Directory Traversal

<0.43.0-r3
  • L
GHSA-crqm-pwhx-j97f

<0.38.1-r0
  • L
CVE-2024-45337

<0.39.0-r1
  • L
GHSA-6v2p-p543-phr9

<0.40.0-r3
  • L
GHSA-8xfx-rj4p-23jm

<0.38.1-r0
  • L
CVE-2024-41110

<0.37.0-r5
  • L
CVE-2024-24791

<0.37.0-r4
  • M
Information Exposure Through Log Files

<0.37.0-r3
  • M
CVE-2024-24789

<0.37.0-r1
  • C
CVE-2024-24790

<0.37.0-r1
  • M
Race Condition

<0.37.0-r2
  • H
Allocation of Resources Without Limits or Throttling

<0.36.0-r3
  • M
Allocation of Resources Without Limits or Throttling

<0.36.0-r3
  • L
CVE-2023-45288

<0.36.0-r4
  • H
Incorrect Resource Transfer Between Spheres

<0.36.0-r2
  • L
CVE-2024-28180

<0.35.1-r2
  • L
CVE-2024-24786

<0.36.0-r0
  • M
Improper Validation of Integrity Check Value

<0.33.0-r3
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0.33.0-r2
  • M
Cross-site Scripting (XSS)

<0.32.0-r4
  • H
Allocation of Resources Without Limits or Throttling

<0.32.0-r4