apk package
chainguard/cluster-api-helm-controller-fips
pkg:apk/chainguard/cluster-api-helm-controller-fips
Vulnerabilities (44)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-32386 | — | | | < 0.4.1-r2 | 0.4.1-r2 | Apr 9, 2025 | Helm is a tool for managing Charts. A chart archive file can be crafted in a manner where it expands to be significantly larger uncompressed than compressed (e.g., >800x difference). When Helm loads this specially crafted chart, memory can be exhausted causing the application to |
| CVE-2025-32387 | — | | | < 0.4.1-r2 | 0.4.1-r2 | Apr 9, 2025 | Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.1 |
| CVE-2024-40635 | — | | | < 0.3.2-r2 | 0.3.2-r2 | Mar 17, 2025 | containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a `UID:GID` larger than the maximum 32-bit signed integer can cause an overflow condition where the container ult |
| CVE-2025-22868 | — | | | < 0.3.2-r1 | 0.3.2-r1 | Feb 26, 2025 | An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. |