apk package
chainguard/flux-helm-controller-0.37
pkg:apk/chainguard/flux-helm-controller-0.37
Vulnerabilities (34)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-44487 | Hig | 7.5 | KEV | < 0.27.0-r3 | 0.27.0-r3 | Oct 10, 2023 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
| CVE-2023-3978 | — | < 0.27.0-r2 | 0.27.0-r2 | Aug 2, 2023 | Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack. | ||
| CVE-2023-2253 | — | < 0.27.0-r7 | 0.27.0-r7 | Jun 6, 2023 | A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the all | ||
| CVE-2023-28840 | — | < 0.27.0-r7 | 0.27.0-r7 | Apr 4, 2023 | Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby, is commonly referred to as *Docke | ||
| CVE-2023-28841 | — | < 0.27.0-r7 | 0.27.0-r7 | Apr 4, 2023 | Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby is commonly referred to as *Docker | ||
| CVE-2023-28842 | — | < 0.27.0-r7 | 0.27.0-r7 | Apr 4, 2023 | Moby) is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby is commonly referred to as *Docke | ||
| CVE-2023-25173 | — | < 0.27.0-r7 | 0.27.0-r7 | Feb 16, 2023 | containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group acces | ||
| CVE-2023-25153 | — | < 0.27.0-r7 | 0.27.0-r7 | Feb 16, 2023 | containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of se | ||
| CVE-2023-25165 | — | < 0.27.0-r7 | 0.27.0-r7 | Feb 8, 2023 | Helm is a tool that streamlines installing and managing Kubernetes applications.`getHostByName` is a Helm template function introduced in Helm v3. The function is able to accept a hostname and return an IP address for that hostname. To get the IP address the function performs a D | ||
| CVE-2022-23526 | — | < 0.27.0-r7 | 0.27.0-r7 | Dec 15, 2022 | Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the_chartutil_ package that can cause a segmentation violation. The _chartutil_ package contains a parser that loads a JSON Schema validati | ||
| CVE-2022-23525 | — | < 0.27.0-r7 | 0.27.0-r7 | Dec 15, 2022 | Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the _repo_package. The _repo_ package contains a handler that processes the index file of a repository. For example, the Helm client adds r | ||
| CVE-2022-23524 | — | < 0.27.0-r7 | 0.27.0-r7 | Dec 15, 2022 | Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to Uncontrolled Resource Consumption, resulting in Denial of Service. Input to functions in the _strvals_ package can cause a stack overflow. In Go, a stack overflow cann | ||
| CVE-2022-23471 | — | < 0.27.0-r7 | 0.27.0-r7 | Dec 7, 2022 | containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to | ||
| CVE-2020-8552 | — | < 0 | 0 | Mar 27, 2020 | The Kubernetes API server component in versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests. |
- affected < 0.27.0-r3fixed 0.27.0-r3
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
- CVE-2023-3978Aug 2, 2023affected < 0.27.0-r2fixed 0.27.0-r2
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.
- CVE-2023-2253Jun 6, 2023affected < 0.27.0-r7fixed 0.27.0-r7
A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the all
- CVE-2023-28840Apr 4, 2023affected < 0.27.0-r7fixed 0.27.0-r7
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby, is commonly referred to as *Docke
- CVE-2023-28841Apr 4, 2023affected < 0.27.0-r7fixed 0.27.0-r7
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby is commonly referred to as *Docker
- CVE-2023-28842Apr 4, 2023affected < 0.27.0-r7fixed 0.27.0-r7
Moby) is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby is commonly referred to as *Docke
- CVE-2023-25173Feb 16, 2023affected < 0.27.0-r7fixed 0.27.0-r7
containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group acces
- CVE-2023-25153Feb 16, 2023affected < 0.27.0-r7fixed 0.27.0-r7
containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of se
- CVE-2023-25165Feb 8, 2023affected < 0.27.0-r7fixed 0.27.0-r7
Helm is a tool that streamlines installing and managing Kubernetes applications.`getHostByName` is a Helm template function introduced in Helm v3. The function is able to accept a hostname and return an IP address for that hostname. To get the IP address the function performs a D
- CVE-2022-23526Dec 15, 2022affected < 0.27.0-r7fixed 0.27.0-r7
Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the_chartutil_ package that can cause a segmentation violation. The _chartutil_ package contains a parser that loads a JSON Schema validati
- CVE-2022-23525Dec 15, 2022affected < 0.27.0-r7fixed 0.27.0-r7
Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the _repo_package. The _repo_ package contains a handler that processes the index file of a repository. For example, the Helm client adds r
- CVE-2022-23524Dec 15, 2022affected < 0.27.0-r7fixed 0.27.0-r7
Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to Uncontrolled Resource Consumption, resulting in Denial of Service. Input to functions in the _strvals_ package can cause a stack overflow. In Go, a stack overflow cann
- CVE-2022-23471Dec 7, 2022affected < 0.27.0-r7fixed 0.27.0-r7
containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to
- CVE-2020-8552Mar 27, 2020affected < 0fixed 0
The Kubernetes API server component in versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests.
Page 2 of 2