chore: add Zarf values guidelines for UDS Packages by Racer159 · Pull Request #679 · defenseunicorns/uds-common

Racer159 · 2026-05-20T18:56:51Z

Description

This adds Zarf values guidance and wiring for implementing this feature within UDS Packages going forward.

Checklist before merging

ADR proposed if making an architectural change to the repo
Tests run, docs added or updated as needed

github-actions · 2026-05-20T18:59:17Z

nginx `1.30.0` -> `1.30.0`

New vulnerabilities: 0
Fixed vulnerabilities: 0
Existing vulnerabilities: 266

New vulnerabilities

ID	SEVERITY	URL

Fixed vulnerabilities

ID	SEVERITY	URL

Existing vulnerabilities

ID	SEVERITY	URL
CVE-2026-33845	critical	https://security-tracker.debian.org/tracker/CVE-2026-33845
CVE-2026-5450	critical	https://security-tracker.debian.org/tracker/CVE-2026-5450
CVE-2026-8376	critical	https://security-tracker.debian.org/tracker/CVE-2026-8376
CVE-2026-42496	critical	https://security-tracker.debian.org/tracker/CVE-2026-42496
CVE-2026-9256	critical	https://security-tracker.debian.org/tracker/CVE-2026-9256
CVE-2026-5450	critical	https://security-tracker.debian.org/tracker/CVE-2026-5450
CVE-2026-42010	critical	https://security-tracker.debian.org/tracker/CVE-2026-42010
CVE-2026-5435	high	https://security-tracker.debian.org/tracker/CVE-2026-5435
CVE-2025-59375	high	https://security-tracker.debian.org/tracker/CVE-2025-59375
CVE-2026-27135	high	https://security-tracker.debian.org/tracker/CVE-2026-27135
CVE-2026-4878	high	https://security-tracker.debian.org/tracker/CVE-2026-4878
CVE-2026-45186	high	https://security-tracker.debian.org/tracker/CVE-2026-45186
CVE-2025-69720	high	https://security-tracker.debian.org/tracker/CVE-2025-69720
CVE-2026-42011	high	https://security-tracker.debian.org/tracker/CVE-2026-42011
CVE-2026-25210	high	https://security-tracker.debian.org/tracker/CVE-2026-25210
CVE-2026-32740	high	https://security-tracker.debian.org/tracker/CVE-2026-32740
CVE-2026-5773	high	https://security-tracker.debian.org/tracker/CVE-2026-5773
CVE-2026-5928	high	https://security-tracker.debian.org/tracker/CVE-2026-5928
CVE-2026-42013	high	https://security-tracker.debian.org/tracker/CVE-2026-42013
CVE-2025-68431	high	https://security-tracker.debian.org/tracker/CVE-2025-68431
CVE-2026-33846	high	https://security-tracker.debian.org/tracker/CVE-2026-33846
CVE-2026-6732	high	https://security-tracker.debian.org/tracker/CVE-2026-6732
CVE-2026-32741	high	https://security-tracker.debian.org/tracker/CVE-2026-32741
CVE-2026-5928	high	https://security-tracker.debian.org/tracker/CVE-2026-5928
CVE-2026-32882	high	https://security-tracker.debian.org/tracker/CVE-2026-32882
CVE-2026-5773	high	https://security-tracker.debian.org/tracker/CVE-2026-5773
CVE-2026-6276	high	https://security-tracker.debian.org/tracker/CVE-2026-6276
CVE-2026-4437	high	https://security-tracker.debian.org/tracker/CVE-2026-4437
CVE-2026-42497	high	https://security-tracker.debian.org/tracker/CVE-2026-42497
CVE-2026-48961	high	https://security-tracker.debian.org/tracker/CVE-2026-48961
CVE-2026-3805	high	https://security-tracker.debian.org/tracker/CVE-2026-3805
CVE-2026-41071	high	https://security-tracker.debian.org/tracker/CVE-2026-41071
CVE-2026-42012	high	https://security-tracker.debian.org/tracker/CVE-2026-42012
CVE-2026-4437	high	https://security-tracker.debian.org/tracker/CVE-2026-4437
CVE-2026-5435	high	https://security-tracker.debian.org/tracker/CVE-2026-5435
CVE-2025-13151	high	https://security-tracker.debian.org/tracker/CVE-2025-13151
CVE-2026-48959	high	https://security-tracker.debian.org/tracker/CVE-2026-48959
CVE-2026-32740	high	https://security-tracker.debian.org/tracker/CVE-2026-32740
CVE-2026-48962	high	https://security-tracker.debian.org/tracker/CVE-2026-48962
CVE-2026-4046	high	https://security-tracker.debian.org/tracker/CVE-2026-4046
CVE-2026-4046	high	https://security-tracker.debian.org/tracker/CVE-2026-4046
CVE-2026-32882	high	https://security-tracker.debian.org/tracker/CVE-2026-32882
CVE-2025-69720	high	https://security-tracker.debian.org/tracker/CVE-2025-69720
CVE-2026-9538	high	https://security-tracker.debian.org/tracker/CVE-2026-9538
CVE-2026-33164	high	https://security-tracker.debian.org/tracker/CVE-2026-33164
CVE-2026-5260	high	https://security-tracker.debian.org/tracker/CVE-2026-5260
CVE-2026-41071	high	https://security-tracker.debian.org/tracker/CVE-2026-41071
CVE-2025-68431	high	https://security-tracker.debian.org/tracker/CVE-2025-68431
CVE-2025-69720	high	https://security-tracker.debian.org/tracker/CVE-2025-69720
CVE-2026-42009	high	https://security-tracker.debian.org/tracker/CVE-2026-42009
CVE-2026-3833	high	https://security-tracker.debian.org/tracker/CVE-2026-3833
CVE-2026-32740	high	https://security-tracker.debian.org/tracker/CVE-2026-32740
CVE-2026-32741	high	https://security-tracker.debian.org/tracker/CVE-2026-32741
CVE-2026-41080	high	https://security-tracker.debian.org/tracker/CVE-2026-41080
CVE-2026-6276	high	https://security-tracker.debian.org/tracker/CVE-2026-6276
CVE-2026-32741	high	https://security-tracker.debian.org/tracker/CVE-2026-32741
CVE-2026-41071	high	https://security-tracker.debian.org/tracker/CVE-2026-41071
CVE-2026-3805	high	https://security-tracker.debian.org/tracker/CVE-2026-3805
CVE-2025-68431	high	https://security-tracker.debian.org/tracker/CVE-2025-68431
CVE-2026-32882	high	https://security-tracker.debian.org/tracker/CVE-2026-32882
CVE-2026-42250	medium	https://security-tracker.debian.org/tracker/CVE-2026-42250
CVE-2025-14819	medium	https://security-tracker.debian.org/tracker/CVE-2025-14819
CVE-2026-42946	medium	https://security-tracker.debian.org/tracker/CVE-2026-42946
CVE-2026-32738	medium	https://security-tracker.debian.org/tracker/CVE-2026-32738
CVE-2026-32814	medium	https://security-tracker.debian.org/tracker/CVE-2026-32814
CVE-2026-5704	medium	https://security-tracker.debian.org/tracker/CVE-2026-5704
CVE-2025-14524	medium	https://security-tracker.debian.org/tracker/CVE-2025-14524
CVE-2026-40356	medium	https://security-tracker.debian.org/tracker/CVE-2026-40356
CVE-2026-32739	medium	https://security-tracker.debian.org/tracker/CVE-2026-32739
CVE-2026-41069	medium	https://security-tracker.debian.org/tracker/CVE-2026-41069
CVE-2026-4105	medium	https://security-tracker.debian.org/tracker/CVE-2026-4105
CVE-2024-38950	medium	https://security-tracker.debian.org/tracker/CVE-2024-38950
CVE-2026-27456	medium	https://security-tracker.debian.org/tracker/CVE-2026-27456
CVE-2026-6429	medium	https://security-tracker.debian.org/tracker/CVE-2026-6429
CVE-2026-5545	medium	https://security-tracker.debian.org/tracker/CVE-2026-5545
CVE-2026-32739	medium	https://security-tracker.debian.org/tracker/CVE-2026-32739
CVE-2026-29111	medium	https://security-tracker.debian.org/tracker/CVE-2026-29111
CVE-2026-40355	medium	https://security-tracker.debian.org/tracker/CVE-2026-40355
CVE-2026-4438	medium	https://security-tracker.debian.org/tracker/CVE-2026-4438
CVE-2026-7598	medium	https://security-tracker.debian.org/tracker/CVE-2026-7598
CVE-2026-40356	medium	https://security-tracker.debian.org/tracker/CVE-2026-40356
CVE-2026-40355	medium	https://security-tracker.debian.org/tracker/CVE-2026-40355
CVE-2026-5545	medium	https://security-tracker.debian.org/tracker/CVE-2026-5545
CVE-2026-3184	medium	https://security-tracker.debian.org/tracker/CVE-2026-3184
CVE-2026-3184	medium	https://security-tracker.debian.org/tracker/CVE-2026-3184
CVE-2026-27456	medium	https://security-tracker.debian.org/tracker/CVE-2026-27456
CVE-2026-3184	medium	https://security-tracker.debian.org/tracker/CVE-2026-3184
CVE-2026-27456	medium	https://security-tracker.debian.org/tracker/CVE-2026-27456
CVE-2026-27456	medium	https://security-tracker.debian.org/tracker/CVE-2026-27456
CVE-2026-1965	medium	https://security-tracker.debian.org/tracker/CVE-2026-1965
CVE-2026-41989	medium	https://security-tracker.debian.org/tracker/CVE-2026-41989
CVE-2025-10911	medium	https://security-tracker.debian.org/tracker/CVE-2025-10911
CVE-2026-3184	medium	https://security-tracker.debian.org/tracker/CVE-2026-3184
CVE-2026-3184	medium	https://security-tracker.debian.org/tracker/CVE-2026-3184
CVE-2026-3783	medium	https://security-tracker.debian.org/tracker/CVE-2026-3783
CVE-2025-6141	medium	https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2026-32738	medium	https://security-tracker.debian.org/tracker/CVE-2026-32738
CVE-2026-27456	medium	https://security-tracker.debian.org/tracker/CVE-2026-27456
CVE-2026-33165	medium	https://security-tracker.debian.org/tracker/CVE-2026-33165
CVE-2024-38949	medium	https://security-tracker.debian.org/tracker/CVE-2024-38949
CVE-2025-66382	medium	https://security-tracker.debian.org/tracker/CVE-2025-66382
CVE-2026-27456	medium	https://security-tracker.debian.org/tracker/CVE-2026-27456
CVE-2026-40225	medium	https://security-tracker.debian.org/tracker/CVE-2026-40225
CVE-2026-27456	medium	https://security-tracker.debian.org/tracker/CVE-2026-27456
CVE-2026-40355	medium	https://security-tracker.debian.org/tracker/CVE-2026-40355
CVE-2025-6141	medium	https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2025-13034	medium	https://security-tracker.debian.org/tracker/CVE-2025-13034
CVE-2026-40226	medium	https://security-tracker.debian.org/tracker/CVE-2026-40226
CVE-2026-6253	medium	https://security-tracker.debian.org/tracker/CVE-2026-6253
CVE-2026-32776	medium	https://security-tracker.debian.org/tracker/CVE-2026-32776
CVE-2026-4873	medium	https://security-tracker.debian.org/tracker/CVE-2026-4873
CVE-2026-32739	medium	https://security-tracker.debian.org/tracker/CVE-2026-32739
CVE-2026-6429	medium	https://security-tracker.debian.org/tracker/CVE-2026-6429
CVE-2025-15649	medium	https://security-tracker.debian.org/tracker/CVE-2025-15649
CVE-2026-40356	medium	https://security-tracker.debian.org/tracker/CVE-2026-40356
CVE-2026-32814	medium	https://security-tracker.debian.org/tracker/CVE-2026-32814
CVE-2026-32814	medium	https://security-tracker.debian.org/tracker/CVE-2026-32814
CVE-2026-40225	medium	https://security-tracker.debian.org/tracker/CVE-2026-40225
CVE-2026-7168	medium	https://security-tracker.debian.org/tracker/CVE-2026-7168
CVE-2026-41069	medium	https://security-tracker.debian.org/tracker/CVE-2026-41069
CVE-2026-6238	medium	https://security-tracker.debian.org/tracker/CVE-2026-6238
CVE-2026-27171	medium	https://security-tracker.debian.org/tracker/CVE-2026-27171
CVE-2026-1965	medium	https://security-tracker.debian.org/tracker/CVE-2026-1965
CVE-2026-41069	medium	https://security-tracker.debian.org/tracker/CVE-2026-41069
CVE-2026-4873	medium	https://security-tracker.debian.org/tracker/CVE-2026-4873
CVE-2026-32738	medium	https://security-tracker.debian.org/tracker/CVE-2026-32738
CVE-2026-3184	medium	https://security-tracker.debian.org/tracker/CVE-2026-3184
CVE-2026-4438	medium	https://security-tracker.debian.org/tracker/CVE-2026-4438
CVE-2026-3784	medium	https://security-tracker.debian.org/tracker/CVE-2026-3784
CVE-2026-6238	medium	https://security-tracker.debian.org/tracker/CVE-2026-6238
CVE-2026-32778	medium	https://security-tracker.debian.org/tracker/CVE-2026-32778
CVE-2025-14524	medium	https://security-tracker.debian.org/tracker/CVE-2025-14524
CVE-2026-34757	medium	https://security-tracker.debian.org/tracker/CVE-2026-34757
CVE-2026-6253	medium	https://security-tracker.debian.org/tracker/CVE-2026-6253
CVE-2026-0990	medium	https://security-tracker.debian.org/tracker/CVE-2026-0990
CVE-2026-29111	medium	https://security-tracker.debian.org/tracker/CVE-2026-29111
CVE-2026-40356	medium	https://security-tracker.debian.org/tracker/CVE-2026-40356
CVE-2026-40226	medium	https://security-tracker.debian.org/tracker/CVE-2026-40226
CVE-2026-4105	medium	https://security-tracker.debian.org/tracker/CVE-2026-4105
CVE-2026-40355	medium	https://security-tracker.debian.org/tracker/CVE-2026-40355
CVE-2026-3784	medium	https://security-tracker.debian.org/tracker/CVE-2026-3784
CVE-2026-7168	medium	https://security-tracker.debian.org/tracker/CVE-2026-7168
CVE-2026-3783	medium	https://security-tracker.debian.org/tracker/CVE-2026-3783
CVE-2026-42015	medium	https://security-tracker.debian.org/tracker/CVE-2026-42015
CVE-2025-14819	medium	https://security-tracker.debian.org/tracker/CVE-2025-14819
CVE-2026-3184	medium	https://security-tracker.debian.org/tracker/CVE-2026-3184
CVE-2026-32777	medium	https://security-tracker.debian.org/tracker/CVE-2026-32777
CVE-2026-27456	medium	https://security-tracker.debian.org/tracker/CVE-2026-27456
CVE-2025-13034	medium	https://security-tracker.debian.org/tracker/CVE-2025-13034
CVE-2026-34743	medium	https://security-tracker.debian.org/tracker/CVE-2026-34743
CVE-2025-6141	medium	https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2026-27456	medium	https://security-tracker.debian.org/tracker/CVE-2026-27456
CVE-2026-3184	medium	https://security-tracker.debian.org/tracker/CVE-2026-3184
CVE-2026-3184	medium	https://security-tracker.debian.org/tracker/CVE-2026-3184
CVE-2013-0337	low	https://security-tracker.debian.org/tracker/CVE-2013-0337
CVE-2026-24515	low	https://security-tracker.debian.org/tracker/CVE-2026-24515
CVE-2026-40228	low	https://security-tracker.debian.org/tracker/CVE-2026-40228
CVE-2024-56433	low	https://security-tracker.debian.org/tracker/CVE-2024-56433
CVE-2026-3832	low	https://security-tracker.debian.org/tracker/CVE-2026-3832
CVE-2026-5958	low	https://security-tracker.debian.org/tracker/CVE-2026-5958
CVE-2026-40228	low	https://security-tracker.debian.org/tracker/CVE-2026-40228
CVE-2024-56433	low	https://security-tracker.debian.org/tracker/CVE-2024-56433
CVE-2026-0989	low	https://security-tracker.debian.org/tracker/CVE-2026-0989
CVE-2025-11731	low	https://security-tracker.debian.org/tracker/CVE-2025-11731
CVE-2026-0992	low	https://security-tracker.debian.org/tracker/CVE-2026-0992
CVE-2025-5278	none	https://security-tracker.debian.org/tracker/CVE-2025-5278
CVE-2019-1010025	none	https://security-tracker.debian.org/tracker/CVE-2019-1010025
CVE-2011-3374	none	https://security-tracker.debian.org/tracker/CVE-2011-3374
CVE-2025-61143	none	https://security-tracker.debian.org/tracker/CVE-2025-61143
CVE-2019-1010022	none	https://security-tracker.debian.org/tracker/CVE-2019-1010022
CVE-2026-3713	none	https://security-tracker.debian.org/tracker/CVE-2026-3713
CVE-2019-1010025	none	https://security-tracker.debian.org/tracker/CVE-2019-1010025
CVE-2026-3949	none	https://security-tracker.debian.org/tracker/CVE-2026-3949
CVE-2017-9937	none	https://security-tracker.debian.org/tracker/CVE-2017-9937
CVE-2013-4392	none	https://security-tracker.debian.org/tracker/CVE-2013-4392
CVE-2025-61144	none	https://security-tracker.debian.org/tracker/CVE-2025-61144
CVE-2022-1210	none	https://security-tracker.debian.org/tracker/CVE-2022-1210
CVE-2010-4756	none	https://security-tracker.debian.org/tracker/CVE-2010-4756
CVE-2024-26458	none	https://security-tracker.debian.org/tracker/CVE-2024-26458
CVE-2019-1010022	none	https://security-tracker.debian.org/tracker/CVE-2019-1010022
CVE-2021-4214	none	https://security-tracker.debian.org/tracker/CVE-2021-4214
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2026-3949	none	https://security-tracker.debian.org/tracker/CVE-2026-3949
CVE-2021-45346	none	https://security-tracker.debian.org/tracker/CVE-2021-45346
CVE-2018-5709	none	https://security-tracker.debian.org/tracker/CVE-2018-5709
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2011-4116	none	https://security-tracker.debian.org/tracker/CVE-2011-4116
CVE-2025-8534	none	https://security-tracker.debian.org/tracker/CVE-2025-8534
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2009-4487	none	https://security-tracker.debian.org/tracker/CVE-2009-4487
CVE-2024-26458	none	https://security-tracker.debian.org/tracker/CVE-2024-26458
CVE-2015-3276	none	https://security-tracker.debian.org/tracker/CVE-2015-3276
CVE-2023-31438	none	https://security-tracker.debian.org/tracker/CVE-2023-31438
CVE-2024-2236	none	https://security-tracker.debian.org/tracker/CVE-2024-2236
CVE-2025-10966	none	https://security-tracker.debian.org/tracker/CVE-2025-10966
CVE-2017-18018	none	https://security-tracker.debian.org/tracker/CVE-2017-18018
CVE-2023-31437	none	https://security-tracker.debian.org/tracker/CVE-2023-31437
CVE-2019-1010024	none	https://security-tracker.debian.org/tracker/CVE-2019-1010024
CVE-2017-17740	none	https://security-tracker.debian.org/tracker/CVE-2017-17740
CVE-2010-4756	none	https://security-tracker.debian.org/tracker/CVE-2010-4756
CVE-2024-26458	none	https://security-tracker.debian.org/tracker/CVE-2024-26458
CVE-2024-26461	none	https://security-tracker.debian.org/tracker/CVE-2024-26461
CVE-2025-15079	none	https://security-tracker.debian.org/tracker/CVE-2025-15079
CVE-2015-9019	none	https://security-tracker.debian.org/tracker/CVE-2015-9019
CVE-2019-9192	none	https://security-tracker.debian.org/tracker/CVE-2019-9192
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2025-15079	none	https://security-tracker.debian.org/tracker/CVE-2025-15079
CVE-2025-61147	none	https://security-tracker.debian.org/tracker/CVE-2025-61147
CVE-2025-15224	none	https://security-tracker.debian.org/tracker/CVE-2025-15224
CVE-2020-15719	none	https://security-tracker.debian.org/tracker/CVE-2020-15719
CVE-2005-2541	none	https://security-tracker.debian.org/tracker/CVE-2005-2541
CVE-2018-10126	none	https://security-tracker.debian.org/tracker/CVE-2018-10126
CVE-2025-15224	none	https://security-tracker.debian.org/tracker/CVE-2025-15224
CVE-2025-14104	none	https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2018-5709	none	https://security-tracker.debian.org/tracker/CVE-2018-5709
CVE-2018-20796	none	https://security-tracker.debian.org/tracker/CVE-2018-20796
CVE-2025-14104	none	https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2019-1010024	none	https://security-tracker.debian.org/tracker/CVE-2019-1010024
CVE-2023-31439	none	https://security-tracker.debian.org/tracker/CVE-2023-31439
CVE-2007-5686	none	https://security-tracker.debian.org/tracker/CVE-2007-5686
CVE-2011-3389	none	https://security-tracker.debian.org/tracker/CVE-2011-3389
CVE-2024-26461	none	https://security-tracker.debian.org/tracker/CVE-2024-26461
CVE-2025-14104	none	https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2019-1010023	none	https://security-tracker.debian.org/tracker/CVE-2019-1010023
CVE-2023-31439	none	https://security-tracker.debian.org/tracker/CVE-2023-31439
CVE-2026-22185	none	https://security-tracker.debian.org/tracker/CVE-2026-22185
CVE-2011-3374	none	https://security-tracker.debian.org/tracker/CVE-2011-3374
CVE-2023-31438	none	https://security-tracker.debian.org/tracker/CVE-2023-31438
CVE-2024-26461	none	https://security-tracker.debian.org/tracker/CVE-2024-26461
CVE-2026-3949	none	https://security-tracker.debian.org/tracker/CVE-2026-3949
CVE-2007-5686	none	https://security-tracker.debian.org/tracker/CVE-2007-5686
CVE-2013-4392	none	https://security-tracker.debian.org/tracker/CVE-2013-4392
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2025-61145	none	https://security-tracker.debian.org/tracker/CVE-2025-61145
CVE-2025-70873	none	https://security-tracker.debian.org/tracker/CVE-2025-70873
CVE-2025-10966	none	https://security-tracker.debian.org/tracker/CVE-2025-10966
CVE-2017-14159	none	https://security-tracker.debian.org/tracker/CVE-2017-14159
CVE-2018-20796	none	https://security-tracker.debian.org/tracker/CVE-2018-20796
CVE-2019-1010023	none	https://security-tracker.debian.org/tracker/CVE-2019-1010023
CVE-2025-8732	none	https://security-tracker.debian.org/tracker/CVE-2025-8732
CVE-2017-16232	none	https://security-tracker.debian.org/tracker/CVE-2017-16232
CVE-2018-5709	none	https://security-tracker.debian.org/tracker/CVE-2018-5709
CVE-2025-14104	none	https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2025-14104	none	https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2024-26461	none	https://security-tracker.debian.org/tracker/CVE-2024-26461
CVE-2025-14104	none	https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2025-14017	none	https://security-tracker.debian.org/tracker/CVE-2025-14017
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2025-14104	none	https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2025-14104	none	https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2019-9192	none	https://security-tracker.debian.org/tracker/CVE-2019-9192
CVE-2018-6829	none	https://security-tracker.debian.org/tracker/CVE-2018-6829
CVE-2018-5709	none	https://security-tracker.debian.org/tracker/CVE-2018-5709
CVE-2025-8176	none	https://security-tracker.debian.org/tracker/CVE-2025-8176
CVE-2025-8177	none	https://security-tracker.debian.org/tracker/CVE-2025-8177
CVE-2025-14017	none	https://security-tracker.debian.org/tracker/CVE-2025-14017
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2025-14104	none	https://security-tracker.debian.org/tracker/CVE-2025-14104
CVE-2026-1757	none	https://security-tracker.debian.org/tracker/CVE-2026-1757
CVE-2024-26458	none	https://security-tracker.debian.org/tracker/CVE-2024-26458
CVE-2023-31437	none	https://security-tracker.debian.org/tracker/CVE-2023-31437
CVE-2026-5419	unknown	https://security-tracker.debian.org/tracker/CVE-2026-5419
CVE-2026-42014	unknown	https://security-tracker.debian.org/tracker/CVE-2026-42014
CVE-2026-4367	unknown	https://security-tracker.debian.org/tracker/CVE-2026-4367

registry1.dso.mil/ironbank/opensource/nginx/nginx `1.30.0` -> `1.30.0`

New vulnerabilities: 0
Fixed vulnerabilities: 0
Existing vulnerabilities: 297

New vulnerabilities

ID	SEVERITY	URL

Fixed vulnerabilities

ID	SEVERITY	URL

Existing vulnerabilities

ID	SEVERITY	URL
CVE-2026-40356	high	https://access.redhat.com/security/cve/CVE-2026-40356
CVE-2026-42010	high	https://access.redhat.com/security/cve/CVE-2026-42010
CVE-2026-42944	high	https://access.redhat.com/security/cve/CVE-2026-42944
CVE-2026-4519	high	https://access.redhat.com/security/cve/CVE-2026-4519
CVE-2024-1488	high	https://access.redhat.com/security/cve/CVE-2024-1488
CVE-2024-12254	high	https://access.redhat.com/security/cve/CVE-2024-12254
CVE-2026-4786	high	https://access.redhat.com/security/cve/CVE-2026-4786
CVE-2026-33846	high	https://access.redhat.com/security/cve/CVE-2026-33846
CVE-2026-45186	high	https://access.redhat.com/security/cve/CVE-2026-45186
CVE-2026-42009	high	https://access.redhat.com/security/cve/CVE-2026-42009
CVE-2026-33846	high	https://access.redhat.com/security/cve/CVE-2026-33846
CVE-2026-6100	high	https://access.redhat.com/security/cve/CVE-2026-6100
CVE-2026-4519	high	https://access.redhat.com/security/cve/CVE-2026-4519
CVE-2026-4786	high	https://access.redhat.com/security/cve/CVE-2026-4786
CVE-2026-9256	high	https://access.redhat.com/security/cve/CVE-2026-9256
CVE-2025-59375	high	https://access.redhat.com/security/cve/CVE-2025-59375
CVE-2026-6100	high	https://access.redhat.com/security/cve/CVE-2026-6100
CVE-2026-42010	high	https://access.redhat.com/security/cve/CVE-2026-42010
CVE-2025-59375	high	https://access.redhat.com/security/cve/CVE-2025-59375
CVE-2026-42009	high	https://access.redhat.com/security/cve/CVE-2026-42009
CVE-2026-33846	high	https://access.redhat.com/security/cve/CVE-2026-33846
CVE-2026-4878	high	https://access.redhat.com/security/cve/CVE-2026-4878
CVE-2025-59375	high	https://access.redhat.com/security/cve/CVE-2025-59375
CVE-2026-33845	high	https://access.redhat.com/security/cve/CVE-2026-33845
CVE-2026-6100	high	https://access.redhat.com/security/cve/CVE-2026-6100
CVE-2026-42959	high	https://access.redhat.com/security/cve/CVE-2026-42959
CVE-2024-12254	high	https://access.redhat.com/security/cve/CVE-2024-12254
CVE-2024-12254	high	https://access.redhat.com/security/cve/CVE-2024-12254
CVE-2026-33845	high	https://access.redhat.com/security/cve/CVE-2026-33845
CVE-2026-4519	high	https://access.redhat.com/security/cve/CVE-2026-4519
CVE-2026-33278	high	https://access.redhat.com/security/cve/CVE-2026-33278
CVE-2026-4786	high	https://access.redhat.com/security/cve/CVE-2026-4786
CVE-2026-42009	high	https://access.redhat.com/security/cve/CVE-2026-42009
CVE-2026-33845	high	https://access.redhat.com/security/cve/CVE-2026-33845
CVE-2026-42010	high	https://access.redhat.com/security/cve/CVE-2026-42010
CVE-2025-4598	medium	https://access.redhat.com/security/cve/CVE-2025-4598
CVE-2026-3784	medium	https://access.redhat.com/security/cve/CVE-2026-3784
CVE-2024-12243	medium	https://access.redhat.com/security/cve/CVE-2024-12243
CVE-2026-5260	medium	https://access.redhat.com/security/cve/CVE-2026-5260
CVE-2026-4437	medium	https://access.redhat.com/security/cve/CVE-2026-4437
CVE-2026-27456	medium	https://access.redhat.com/security/cve/CVE-2026-27456
CVE-2026-32792	medium	https://access.redhat.com/security/cve/CVE-2026-32792
CVE-2026-6429	medium	https://access.redhat.com/security/cve/CVE-2026-6429
CVE-2024-12243	medium	https://access.redhat.com/security/cve/CVE-2024-12243
CVE-2026-4105	medium	https://access.redhat.com/security/cve/CVE-2026-4105
CVE-2024-12224	medium	https://access.redhat.com/security/cve/CVE-2024-12224
CVE-2026-28755	medium	https://access.redhat.com/security/cve/CVE-2026-28755
CVE-2026-5773	medium	https://access.redhat.com/security/cve/CVE-2026-5773
CVE-2026-42011	medium	https://access.redhat.com/security/cve/CVE-2026-42011
CVE-2026-42308	medium	https://access.redhat.com/security/cve/CVE-2026-42308
CVE-2026-27456	medium	https://access.redhat.com/security/cve/CVE-2026-27456
CVE-2026-31790	medium	https://access.redhat.com/security/cve/CVE-2026-31790
CVE-2026-42308	medium	https://access.redhat.com/security/cve/CVE-2026-42308
CVE-2026-42011	medium	https://access.redhat.com/security/cve/CVE-2026-42011
CVE-2026-1502	medium	https://access.redhat.com/security/cve/CVE-2026-1502
CVE-2024-12133	medium	https://access.redhat.com/security/cve/CVE-2024-12133
CVE-2026-3784	medium	https://access.redhat.com/security/cve/CVE-2026-3784
CVE-2026-42960	medium	https://access.redhat.com/security/cve/CVE-2026-42960
CVE-2026-5928	medium	https://access.redhat.com/security/cve/CVE-2026-5928
CVE-2026-42014	medium	https://access.redhat.com/security/cve/CVE-2026-42014
CVE-2026-5260	medium	https://access.redhat.com/security/cve/CVE-2026-5260
CVE-2026-3783	medium	https://access.redhat.com/security/cve/CVE-2026-3783
CVE-2026-4224	medium	https://access.redhat.com/security/cve/CVE-2026-4224
CVE-2026-0990	medium	https://access.redhat.com/security/cve/CVE-2026-0990
CVE-2026-42015	medium	https://access.redhat.com/security/cve/CVE-2026-42015
CVE-2026-7168	medium	https://access.redhat.com/security/cve/CVE-2026-7168
CVE-2025-4516	medium	https://access.redhat.com/security/cve/CVE-2025-4516
CVE-2026-40355	medium	https://access.redhat.com/security/cve/CVE-2026-40355
CVE-2025-29087	medium	https://access.redhat.com/security/cve/CVE-2025-29087
CVE-2026-1965	medium	https://access.redhat.com/security/cve/CVE-2026-1965
CVE-2026-4224	medium	https://access.redhat.com/security/cve/CVE-2026-4224
CVE-2026-1502	medium	https://access.redhat.com/security/cve/CVE-2026-1502
CVE-2026-25645	medium	https://access.redhat.com/security/cve/CVE-2026-25645
CVE-2026-29111	medium	https://access.redhat.com/security/cve/CVE-2026-29111
CVE-2026-5713	medium	https://access.redhat.com/security/cve/CVE-2026-5713
CVE-2026-3644	medium	https://access.redhat.com/security/cve/CVE-2026-3644
CVE-2024-28835	medium	https://access.redhat.com/security/cve/CVE-2024-28835
CVE-2026-44608	medium	https://access.redhat.com/security/cve/CVE-2026-44608
CVE-2026-5450	medium	https://access.redhat.com/security/cve/CVE-2026-5450
CVE-2026-5545	medium	https://access.redhat.com/security/cve/CVE-2026-5545
CVE-2026-6019	medium	https://access.redhat.com/security/cve/CVE-2026-6019
CVE-2025-13034	medium	https://access.redhat.com/security/cve/CVE-2025-13034
CVE-2026-27456	medium	https://access.redhat.com/security/cve/CVE-2026-27456
CVE-2025-60753	medium	https://access.redhat.com/security/cve/CVE-2025-60753
CVE-2025-4516	medium	https://access.redhat.com/security/cve/CVE-2025-4516
CVE-2026-5928	medium	https://access.redhat.com/security/cve/CVE-2026-5928
CVE-2025-13837	medium	https://access.redhat.com/security/cve/CVE-2025-13837
CVE-2025-13837	medium	https://access.redhat.com/security/cve/CVE-2025-13837
CVE-2026-34743	medium	https://access.redhat.com/security/cve/CVE-2026-34743
CVE-2026-42013	medium	https://access.redhat.com/security/cve/CVE-2026-42013
CVE-2026-5450	medium	https://access.redhat.com/security/cve/CVE-2026-5450
CVE-2025-14512	medium	https://access.redhat.com/security/cve/CVE-2025-14512
CVE-2026-2100	medium	https://access.redhat.com/security/cve/CVE-2026-2100
CVE-2026-1965	medium	https://access.redhat.com/security/cve/CVE-2026-1965
CVE-2026-6019	medium	https://access.redhat.com/security/cve/CVE-2026-6019
CVE-2026-4873	medium	https://access.redhat.com/security/cve/CVE-2026-4873
CVE-2026-3833	medium	https://access.redhat.com/security/cve/CVE-2026-3833
CVE-2026-40701	medium	https://access.redhat.com/security/cve/CVE-2026-40701
CVE-2025-6069	medium	https://access.redhat.com/security/cve/CVE-2025-6069
CVE-2026-5260	medium	https://access.redhat.com/security/cve/CVE-2026-5260
CVE-2025-12781	medium	https://access.redhat.com/security/cve/CVE-2025-12781
CVE-2026-27456	medium	https://access.redhat.com/security/cve/CVE-2026-27456
CVE-2026-6732	medium	https://access.redhat.com/security/cve/CVE-2026-6732
CVE-2026-6019	medium	https://access.redhat.com/security/cve/CVE-2026-6019
CVE-2026-42014	medium	https://access.redhat.com/security/cve/CVE-2026-42014
CVE-2026-5713	medium	https://access.redhat.com/security/cve/CVE-2026-5713
CVE-2026-48864	medium	https://access.redhat.com/security/cve/CVE-2026-48864
CVE-2026-5435	medium	https://access.redhat.com/security/cve/CVE-2026-5435
CVE-2026-42012	medium	https://access.redhat.com/security/cve/CVE-2026-42012
CVE-2026-3805	medium	https://access.redhat.com/security/cve/CVE-2026-3805
CVE-2025-4598	medium	https://access.redhat.com/security/cve/CVE-2025-4598
CVE-2026-4437	medium	https://access.redhat.com/security/cve/CVE-2026-4437
CVE-2026-7168	medium	https://access.redhat.com/security/cve/CVE-2026-7168
CVE-2026-5928	medium	https://access.redhat.com/security/cve/CVE-2026-5928
CVE-2026-1757	medium	https://access.redhat.com/security/cve/CVE-2026-1757
CVE-2026-4873	medium	https://access.redhat.com/security/cve/CVE-2026-4873
CVE-2025-14017	medium	https://access.redhat.com/security/cve/CVE-2025-14017
CVE-2026-1484	medium	https://access.redhat.com/security/cve/CVE-2026-1484
CVE-2026-9149	medium	https://access.redhat.com/security/cve/CVE-2026-9149
CVE-2026-3805	medium	https://access.redhat.com/security/cve/CVE-2026-3805
CVE-2025-14087	medium	https://access.redhat.com/security/cve/CVE-2025-14087
CVE-2025-12781	medium	https://access.redhat.com/security/cve/CVE-2025-12781
CVE-2026-42013	medium	https://access.redhat.com/security/cve/CVE-2026-42013
CVE-2026-2100	medium	https://access.redhat.com/security/cve/CVE-2026-2100
CVE-2026-4105	medium	https://access.redhat.com/security/cve/CVE-2026-4105
CVE-2024-28835	medium	https://access.redhat.com/security/cve/CVE-2024-28835
CVE-2026-42013	medium	https://access.redhat.com/security/cve/CVE-2026-42013
CVE-2026-31790	medium	https://access.redhat.com/security/cve/CVE-2026-31790
CVE-2025-50182	medium	https://access.redhat.com/security/cve/CVE-2025-50182
CVE-2026-1489	medium	https://access.redhat.com/security/cve/CVE-2026-1489
CVE-2026-4437	medium	https://access.redhat.com/security/cve/CVE-2026-4437
CVE-2026-3644	medium	https://access.redhat.com/security/cve/CVE-2026-3644
CVE-2026-32284	medium	https://access.redhat.com/security/cve/CVE-2026-32284
CVE-2026-42012	medium	https://access.redhat.com/security/cve/CVE-2026-42012
CVE-2026-5958	medium	https://access.redhat.com/security/cve/CVE-2026-5958
CVE-2026-4426	medium	https://access.redhat.com/security/cve/CVE-2026-4426
CVE-2026-42923	medium	https://access.redhat.com/security/cve/CVE-2026-42923
CVE-2025-12781	medium	https://access.redhat.com/security/cve/CVE-2025-12781
CVE-2025-11468	medium	https://access.redhat.com/security/cve/CVE-2025-11468
CVE-2026-9150	medium	https://access.redhat.com/security/cve/CVE-2026-9150
CVE-2026-27456	medium	https://access.redhat.com/security/cve/CVE-2026-27456
CVE-2026-40460	medium	https://access.redhat.com/security/cve/CVE-2026-40460
CVE-2024-45490	medium	https://access.redhat.com/security/cve/CVE-2024-45490
CVE-2026-0672	medium	https://access.redhat.com/security/cve/CVE-2026-0672
CVE-2025-11468	medium	https://access.redhat.com/security/cve/CVE-2025-11468
CVE-2025-11468	medium	https://access.redhat.com/security/cve/CVE-2025-11468
CVE-2026-3783	medium	https://access.redhat.com/security/cve/CVE-2026-3783
CVE-2026-42308	medium	https://access.redhat.com/security/cve/CVE-2026-42308
CVE-2026-32776	medium	https://access.redhat.com/security/cve/CVE-2026-32776
CVE-2026-6253	medium	https://access.redhat.com/security/cve/CVE-2026-6253
CVE-2026-5773	medium	https://access.redhat.com/security/cve/CVE-2026-5773
CVE-2026-42012	medium	https://access.redhat.com/security/cve/CVE-2026-42012
CVE-2026-3644	medium	https://access.redhat.com/security/cve/CVE-2026-3644
CVE-2026-5745	medium	https://access.redhat.com/security/cve/CVE-2026-5745
CVE-2025-50181	medium	https://access.redhat.com/security/cve/CVE-2025-50181
CVE-2024-28834	medium	https://access.redhat.com/security/cve/CVE-2024-28834
CVE-2026-42011	medium	https://access.redhat.com/security/cve/CVE-2026-42011
CVE-2026-2625	medium	https://access.redhat.com/security/cve/CVE-2026-2625
CVE-2025-6069	medium	https://access.redhat.com/security/cve/CVE-2025-6069
CVE-2026-29111	medium	https://access.redhat.com/security/cve/CVE-2026-29111
CVE-2026-4046	medium	https://access.redhat.com/security/cve/CVE-2026-4046
CVE-2025-13034	medium	https://access.redhat.com/security/cve/CVE-2025-13034
CVE-2025-15282	medium	https://access.redhat.com/security/cve/CVE-2025-15282
CVE-2026-42015	medium	https://access.redhat.com/security/cve/CVE-2026-42015
CVE-2026-3833	medium	https://access.redhat.com/security/cve/CVE-2026-3833
CVE-2026-4046	medium	https://access.redhat.com/security/cve/CVE-2026-4046
CVE-2026-5435	medium	https://access.redhat.com/security/cve/CVE-2026-5435
CVE-2024-28834	medium	https://access.redhat.com/security/cve/CVE-2024-28834
CVE-2025-4598	medium	https://access.redhat.com/security/cve/CVE-2025-4598
CVE-2026-28390	medium	https://access.redhat.com/security/cve/CVE-2026-28390
CVE-2026-5713	medium	https://access.redhat.com/security/cve/CVE-2026-5713
CVE-2026-42014	medium	https://access.redhat.com/security/cve/CVE-2026-42014
CVE-2026-0672	medium	https://access.redhat.com/security/cve/CVE-2026-0672
CVE-2025-7458	medium	https://access.redhat.com/security/cve/CVE-2025-7458
CVE-2026-5435	medium	https://access.redhat.com/security/cve/CVE-2026-5435
CVE-2025-15282	medium	https://access.redhat.com/security/cve/CVE-2025-15282
CVE-2024-28834	medium	https://access.redhat.com/security/cve/CVE-2024-28834
CVE-2026-5545	medium	https://access.redhat.com/security/cve/CVE-2026-5545
CVE-2026-4224	medium	https://access.redhat.com/security/cve/CVE-2026-4224
CVE-2026-42946	medium	https://access.redhat.com/security/cve/CVE-2026-42946
CVE-2025-13837	medium	https://access.redhat.com/security/cve/CVE-2025-13837
CVE-2026-6253	medium	https://access.redhat.com/security/cve/CVE-2026-6253
CVE-2026-4046	medium	https://access.redhat.com/security/cve/CVE-2026-4046
CVE-2026-2673	medium	https://access.redhat.com/security/cve/CVE-2026-2673
CVE-2024-12243	medium	https://access.redhat.com/security/cve/CVE-2024-12243
CVE-2025-14017	medium	https://access.redhat.com/security/cve/CVE-2025-14017
CVE-2026-27456	medium	https://access.redhat.com/security/cve/CVE-2026-27456
CVE-2026-4105	medium	https://access.redhat.com/security/cve/CVE-2026-4105
CVE-2025-67897	medium	https://access.redhat.com/security/cve/CVE-2025-67897
CVE-2025-15282	medium	https://access.redhat.com/security/cve/CVE-2025-15282
CVE-2025-5278	medium	https://access.redhat.com/security/cve/CVE-2025-5278
CVE-2026-42015	medium	https://access.redhat.com/security/cve/CVE-2026-42015
CVE-2026-5450	medium	https://access.redhat.com/security/cve/CVE-2026-5450
CVE-2026-42934	medium	https://access.redhat.com/security/cve/CVE-2026-42934
CVE-2025-4516	medium	https://access.redhat.com/security/cve/CVE-2025-4516
CVE-2026-0672	medium	https://access.redhat.com/security/cve/CVE-2026-0672
CVE-2026-1502	medium	https://access.redhat.com/security/cve/CVE-2026-1502
CVE-2026-32778	medium	https://access.redhat.com/security/cve/CVE-2026-32778
CVE-2026-32777	medium	https://access.redhat.com/security/cve/CVE-2026-32777
CVE-2026-29111	medium	https://access.redhat.com/security/cve/CVE-2026-29111
CVE-2024-28835	medium	https://access.redhat.com/security/cve/CVE-2024-28835
CVE-2025-11411	medium	https://access.redhat.com/security/cve/CVE-2025-11411
CVE-2026-6429	medium	https://access.redhat.com/security/cve/CVE-2026-6429
CVE-2025-6069	medium	https://access.redhat.com/security/cve/CVE-2025-6069
CVE-2026-3833	medium	https://access.redhat.com/security/cve/CVE-2026-3833
CVE-2026-31790	medium	https://access.redhat.com/security/cve/CVE-2026-31790
CVE-2025-15281	low	https://access.redhat.com/security/cve/CVE-2025-15281
CVE-2025-1371	low	https://access.redhat.com/security/cve/CVE-2025-1371
CVE-2025-1371	low	https://access.redhat.com/security/cve/CVE-2025-1371
CVE-2025-10148	low	https://access.redhat.com/security/cve/CVE-2025-10148
CVE-2026-0988	low	https://access.redhat.com/security/cve/CVE-2026-0988
CVE-2025-1632	low	https://access.redhat.com/security/cve/CVE-2025-1632
CVE-2026-3479	low	https://access.redhat.com/security/cve/CVE-2026-3479
CVE-2026-4438	low	https://access.redhat.com/security/cve/CVE-2026-4438
CVE-2025-6052	low	https://access.redhat.com/security/cve/CVE-2025-6052
CVE-2021-46195	low	https://access.redhat.com/security/cve/CVE-2021-46195
CVE-2025-1371	low	https://access.redhat.com/security/cve/CVE-2025-1371
CVE-2025-14819	low	https://access.redhat.com/security/cve/CVE-2025-14819
CVE-2025-13151	low	https://access.redhat.com/security/cve/CVE-2025-13151
CVE-2021-46195	low	https://access.redhat.com/security/cve/CVE-2021-46195
CVE-2025-1371	low	https://access.redhat.com/security/cve/CVE-2025-1371
CVE-2025-6170	low	https://access.redhat.com/security/cve/CVE-2025-6170
CVE-2026-4438	low	https://access.redhat.com/security/cve/CVE-2026-4438
CVE-2025-14524	low	https://access.redhat.com/security/cve/CVE-2025-14524
CVE-2025-1377	low	https://access.redhat.com/security/cve/CVE-2025-1377
CVE-2025-1376	low	https://access.redhat.com/security/cve/CVE-2025-1376
CVE-2026-4438	low	https://access.redhat.com/security/cve/CVE-2026-4438
CVE-2025-15079	low	https://access.redhat.com/security/cve/CVE-2025-15079
CVE-2026-1485	low	https://access.redhat.com/security/cve/CVE-2026-1485
CVE-2026-3832	low	https://access.redhat.com/security/cve/CVE-2026-3832
CVE-2025-5915	low	https://access.redhat.com/security/cve/CVE-2025-5915
CVE-2025-15224	low	https://access.redhat.com/security/cve/CVE-2025-15224
CVE-2024-5535	low	https://access.redhat.com/security/cve/CVE-2024-5535
CVE-2025-14819	low	https://access.redhat.com/security/cve/CVE-2025-14819
CVE-2025-15224	low	https://access.redhat.com/security/cve/CVE-2025-15224
CVE-2025-1377	low	https://access.redhat.com/security/cve/CVE-2025-1377
CVE-2025-70873	low	https://access.redhat.com/security/cve/CVE-2025-70873
CVE-2025-1376	low	https://access.redhat.com/security/cve/CVE-2025-1376
CVE-2025-53859	low	https://access.redhat.com/security/cve/CVE-2025-53859
CVE-2025-15281	low	https://access.redhat.com/security/cve/CVE-2025-15281
CVE-2025-1377	low	https://access.redhat.com/security/cve/CVE-2025-1377
CVE-2024-58261	low	https://access.redhat.com/security/cve/CVE-2024-58261
CVE-2025-6075	low	https://access.redhat.com/security/cve/CVE-2025-6075
CVE-2024-7592	low	https://access.redhat.com/security/cve/CVE-2024-7592
CVE-2025-5918	low	https://access.redhat.com/security/cve/CVE-2025-5918
CVE-2024-11053	low	https://access.redhat.com/security/cve/CVE-2024-11053
CVE-2025-27113	low	https://access.redhat.com/security/cve/CVE-2025-27113
CVE-2024-34459	low	https://access.redhat.com/security/cve/CVE-2024-34459
CVE-2023-53161	low	https://access.redhat.com/security/cve/CVE-2023-53161
CVE-2025-7039	low	https://access.redhat.com/security/cve/CVE-2025-7039
CVE-2024-41996	low	https://access.redhat.com/security/cve/CVE-2024-41996
CVE-2025-5917	low	https://access.redhat.com/security/cve/CVE-2025-5917
CVE-2024-13176	low	https://access.redhat.com/security/cve/CVE-2024-13176
CVE-2026-2297	low	https://access.redhat.com/security/cve/CVE-2026-2297
CVE-2026-6276	low	https://access.redhat.com/security/cve/CVE-2026-6276
CVE-2024-43167	low	https://access.redhat.com/security/cve/CVE-2024-43167
CVE-2024-7264	low	https://access.redhat.com/security/cve/CVE-2024-7264
CVE-2024-11053	low	https://access.redhat.com/security/cve/CVE-2024-11053
CVE-2026-31789	low	https://access.redhat.com/security/cve/CVE-2026-31789
CVE-2026-6276	low	https://access.redhat.com/security/cve/CVE-2026-6276
CVE-2024-43168	low	https://access.redhat.com/security/cve/CVE-2024-43168
CVE-2025-9232	low	https://access.redhat.com/security/cve/CVE-2025-9232
CVE-2023-53160	low	https://access.redhat.com/security/cve/CVE-2023-53160
CVE-2025-15079	low	https://access.redhat.com/security/cve/CVE-2025-15079
CVE-2026-2297	low	https://access.redhat.com/security/cve/CVE-2026-2297
CVE-2026-3479	low	https://access.redhat.com/security/cve/CVE-2026-3479
CVE-2025-15281	low	https://access.redhat.com/security/cve/CVE-2025-15281
CVE-2026-24515	low	https://access.redhat.com/security/cve/CVE-2026-24515
CVE-2025-1377	low	https://access.redhat.com/security/cve/CVE-2025-1377
CVE-2025-6075	low	https://access.redhat.com/security/cve/CVE-2025-6075
CVE-2025-14524	low	https://access.redhat.com/security/cve/CVE-2025-14524
CVE-2026-0989	low	https://access.redhat.com/security/cve/CVE-2026-0989
CVE-2025-5916	low	https://access.redhat.com/security/cve/CVE-2025-5916
CVE-2025-1795	low	https://access.redhat.com/security/cve/CVE-2025-1795
CVE-2026-3832	low	https://access.redhat.com/security/cve/CVE-2026-3832
CVE-2021-46195	low	https://access.redhat.com/security/cve/CVE-2021-46195
CVE-2025-10148	low	https://access.redhat.com/security/cve/CVE-2025-10148
CVE-2024-33655	low	https://access.redhat.com/security/cve/CVE-2024-33655
CVE-2024-7592	low	https://access.redhat.com/security/cve/CVE-2024-7592
CVE-2025-1795	low	https://access.redhat.com/security/cve/CVE-2025-1795
CVE-2025-1795	low	https://access.redhat.com/security/cve/CVE-2025-1795
CVE-2024-7592	low	https://access.redhat.com/security/cve/CVE-2024-7592
CVE-2026-2297	low	https://access.redhat.com/security/cve/CVE-2026-2297
CVE-2024-4603	low	https://access.redhat.com/security/cve/CVE-2024-4603
CVE-2025-1376	low	https://access.redhat.com/security/cve/CVE-2025-1376
CVE-2026-41080	low	https://access.redhat.com/security/cve/CVE-2026-41080
CVE-2026-28753	low	https://access.redhat.com/security/cve/CVE-2026-28753
CVE-2025-3360	low	https://access.redhat.com/security/cve/CVE-2025-3360
CVE-2025-66382	low	https://access.redhat.com/security/cve/CVE-2025-66382
CVE-2026-28388	low	https://access.redhat.com/security/cve/CVE-2026-28388
CVE-2026-3832	low	https://access.redhat.com/security/cve/CVE-2026-3832
CVE-2025-1376	low	https://access.redhat.com/security/cve/CVE-2025-1376
CVE-2026-3479	low	https://access.redhat.com/security/cve/CVE-2026-3479
CVE-2024-7264	low	https://access.redhat.com/security/cve/CVE-2024-7264
CVE-2026-0992	low	https://access.redhat.com/security/cve/CVE-2026-0992
CVE-2025-6075	low	https://access.redhat.com/security/cve/CVE-2025-6075
CVE-2026-28389	low	https://access.redhat.com/security/cve/CVE-2026-28389

cgr.dev/defenseunicorns.com/nginx `1.30.0` -> `1.30.0`

New vulnerabilities: 0
Fixed vulnerabilities: 0
Existing vulnerabilities: 0

New vulnerabilities

ID	SEVERITY	URL

Fixed vulnerabilities

ID	SEVERITY	URL

Existing vulnerabilities

ID	SEVERITY	URL

generated with uds-pk scan compare

joelmccoy

Generally on board with the guidance here! Just two small questions

zachariahmiller · 2026-05-20T20:54:02Z

+
+## Implementation
+
+The top-level `values` key for a UDS Package should be defined in the parent `zarf.yaml` of the UDS Package repository and should reference a `zarf-default-values.yaml` file and a `zarf-default-values.schema.json` file located in the root of the repository to handle defaults and validation respectively.


Its been a while since reviewing the zarf values proposal/implementation details so bear with me... Default values as in shipped defaults (analogous to bundle variables with defaults set in the bundle.yaml) or just an example, not included in the packaged artifact (analogous variable override definition in a uds-config.yaml with a bundle.yaml with variable overrides and no defaults)?

If the latter this seems reasonable. If the former i would be concerned about who they are actually good defaults for since they are getting baked in. In that case i would want something more like named sets of defaults that are included and could be referenced/applied.

they are defaults like a Helm chart values default - if you'd like that we could discuss in Zarf as an issue with more context / examples of what those named defaults would be (right now they compose together into a single file).

I'm generally concerned about prescribing default values as a whole separate thing that needs to be defined. In a lot of cases i dont think we want to be setting default zarf values for exposed values other than what is already the default in the underlying chart (or zarf component helm values) file. Requiring the default values to be filled out seems like adding an additional layer which a bunch of duplication that can potentially lead to drift of the intended config and unintended consequences.

Furthermore, i think the schema needs to be able to be generated and there is already an issue in zarf for that, which is great, but if it has to be derived from the default values file that is problematic for the same reasons i think having to define all of the defaults if we are exposing is problematic.

I have a separate concern about how we replace zarf variables that are being used to build helm values. For example, in the GitLab package we build s3 bucket names from a prefix and suffix var:

lfs: bucket: ###ZARF_VAR_BUCKET_PREFIX###gitlab-lfs###ZARF_VAR_BUCKET_SUFFIX### artifacts: bucket: ###ZARF_VAR_BUCKET_PREFIX###gitlab-artifacts###ZARF_VAR_BUCKET_SUFFIX### uploads: bucket: ###ZARF_VAR_BUCKET_PREFIX###gitlab-uploads###ZARF_VAR_BUCKET_SUFFIX###

This doesn't play well with the zarf values feature as i understand it (happy to be wrong) and this is definitely not the only place patterns like this are used. Another that comes to mind is building connection strings.

briantwatson

A couple small comments on phrasing.

Co-authored-by: Brian Watson <brianwatson@defenseunicorns.com>

Racer159 added 2 commits April 6, 2026 17:20

chore: add our defenseunicorns org prefix for npm

6604d8f

chore: add Zarf values guidelines for UDS Packages

ff85b96

Racer159 requested review from a team as code owners May 20, 2026 18:56

Merge branch 'main' into chore/values-guidelines

5278370

Racer159 added 4 commits May 20, 2026 13:04

sort and refine

cd85441

lint

3fae729

moar lint

7d515f6

fix dots

b6a90b1

joelmccoy previously approved these changes May 20, 2026

View reviewed changes

Comment thread docs/uds-packages/guidelines/values-guidelines.md

Comment thread docs/uds-packages/guidelines/values-guidelines.md Outdated

zachariahmiller reviewed May 20, 2026

View reviewed changes

Comment thread docs/uds-packages/guidelines/values-guidelines.md Outdated

zachariahmiller reviewed May 20, 2026

View reviewed changes

Comment thread docs/uds-packages/requirements/uds-package-requirements.md Outdated

zachariahmiller reviewed May 20, 2026

View reviewed changes

Comment thread docs/uds-packages/requirements/uds-package-requirements.md

zachariahmiller reviewed May 20, 2026

View reviewed changes

Comment thread docs/uds-packages/guidelines/values-guidelines.md

feedback

be984fe

Racer159 dismissed joelmccoy’s stale review via be984fe May 21, 2026 17:08

Racer159 mentioned this pull request May 21, 2026

Generate Schema JSON from Zarf Values files zarf-dev/zarf#4918

Open

Racer159 added 2 commits May 21, 2026 11:55

add generate note

0fe9d9a

update values mappings

9cb7bbd

briantwatson reviewed May 27, 2026

View reviewed changes

Comment thread docs/uds-packages/guidelines/values-guidelines.md Outdated

Comment thread docs/uds-packages/guidelines/values-guidelines.md Outdated

Racer159 and others added 3 commits May 28, 2026 11:19

Update docs/uds-packages/guidelines/values-guidelines.md

c1700e5

Co-authored-by: Brian Watson <brianwatson@defenseunicorns.com>

Update docs/uds-packages/guidelines/values-guidelines.md

9facb77

Co-authored-by: Brian Watson <brianwatson@defenseunicorns.com>

Merge branch 'main' into chore/values-guidelines

2715fe8

joelmccoy approved these changes Jun 3, 2026

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: add Zarf values guidelines for UDS Packages#679

chore: add Zarf values guidelines for UDS Packages#679
Racer159 wants to merge 13 commits into
mainfrom
chore/values-guidelines

Racer159 commented May 20, 2026

Uh oh!

github-actions Bot commented May 20, 2026 •

edited

Loading

Uh oh!

joelmccoy left a comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

zachariahmiller May 20, 2026

Uh oh!

Racer159 May 21, 2026

Uh oh!

zachariahmiller Jun 3, 2026 •

edited

Loading

Uh oh!

Uh oh!

Uh oh!

Uh oh!

briantwatson left a comment

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants


		## Implementation

		The top-level `values` key for a UDS Package should be defined in the parent `zarf.yaml` of the UDS Package repository and should reference a `zarf-default-values.yaml` file and a `zarf-default-values.schema.json` file located in the root of the repository to handle defaults and validation respectively.

Conversation

Racer159 commented May 20, 2026

Description

Checklist before merging

Uh oh!

github-actions Bot commented May 20, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

nginx 1.30.0 -> 1.30.0

registry1.dso.mil/ironbank/opensource/nginx/nginx 1.30.0 -> 1.30.0

cgr.dev/defenseunicorns.com/nginx 1.30.0 -> 1.30.0

Uh oh!

joelmccoy left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

zachariahmiller May 20, 2026

Choose a reason for hiding this comment

Uh oh!

Racer159 May 21, 2026

Choose a reason for hiding this comment

Uh oh!

zachariahmiller Jun 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

briantwatson left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

github-actions Bot commented May 20, 2026 •

edited

Loading

nginx `1.30.0` -> `1.30.0`

registry1.dso.mil/ironbank/opensource/nginx/nginx `1.30.0` -> `1.30.0`

cgr.dev/defenseunicorns.com/nginx `1.30.0` -> `1.30.0`

zachariahmiller Jun 3, 2026 •

edited

Loading