VYPR

apk package

chainguard/kumactl-2.11

pkg:apk/chainguard/kumactl-2.11

Vulnerabilities (25)

  • CVE-2025-58181Nov 19, 2025
    affected < 2.11.7-r1fixed 2.11.7-r1

    SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.

  • CVE-2025-55198Aug 13, 2025
    affected < 2.11.4-r2fixed 2.11.4-r2

    Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, when parsing Chart.yaml and index.yaml files, an improper validation of type error can lead to a panic. This issue has been resolved in Helm 3.18.5. A workaround involves ensuring YAML files are formatt

  • CVE-2025-55199Aug 13, 2025
    affected < 2.11.4-r2fixed 2.11.4-r2

    Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory (OOM) termination. This issue has been resolved in Helm 3.18.5. A work

  • CVE-2025-47907Aug 7, 2025
    affected < 2.11.4-r1fixed 2.11.4-r1

    Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the ex

  • CVE-2025-53547Jul 8, 2025
    affected < 2.11.2-r0fixed 2.11.2-r0

    Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lo

Page 2 of 2