CLEANSTART-2026-RJ35552

See a problem?

Import Source

https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-RJ35552.json

JSON Data

https://api.test.osv.dev/v1/vulns/CLEANSTART-2026-RJ35552

Upstream

CVE-2025-61727

CVE-2025-61729

CVE-2026-24051

ghsa-9h8m-3fm2-qjrq

ghsa-f6x5-jh6r-wrfv

ghsa-j5w8-q4qc-rx2x

Published

2026-04-01T09:33:02.201776Z

Modified

2026-05-21T10:30:05.934135339Z

Summary

Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, ghsa-9h8m-3fm2-qjrq, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 2.17.0-r0, 2.17.0-r1, 2.18.0-r1

Details

Multiple security vulnerabilities affect the kube-state-metrics-fips package. These issues are resolved in later releases. See references for individual vulnerability details.

References

Affected packages

CleanStart / kube-state-metrics-fips

Package

Name: kube-state-metrics-fips

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.18.0-r1

Database specific

source

"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-RJ35552.json"