rpm package
opensuse/helmfile&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/helmfile&distro=openSUSE%20Tumbleweed
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-0377 | — | < 0.170.1-1.1 | 0.170.1-1.1 | Jan 21, 2025 | HashiCorp’s go-slug library is vulnerable to a zip-slip style attack when a non-existing user-provided path is extracted from the tar entry. | ||
| CVE-2024-45338 | Med | 5.3 | < 0.170.0-1.1 | 0.170.0-1.1 | Dec 18, 2024 | An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service. | |
| CVE-2024-24790 | — | < 0.166.0-1.1 | 0.166.0-1.1 | Jun 5, 2024 | The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. | ||
| CVE-2023-25165 | — | < 0.150.0-2.1 | 0.150.0-2.1 | Feb 8, 2023 | Helm is a tool that streamlines installing and managing Kubernetes applications.`getHostByName` is a Helm template function introduced in Helm v3. The function is able to accept a hostname and return an IP address for that hostname. To get the IP address the function performs a D |
- CVE-2025-0377Jan 21, 2025affected < 0.170.1-1.1fixed 0.170.1-1.1
HashiCorp’s go-slug library is vulnerable to a zip-slip style attack when a non-existing user-provided path is extracted from the tar entry.
- affected < 0.170.0-1.1fixed 0.170.0-1.1
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.
- CVE-2024-24790Jun 5, 2024affected < 0.166.0-1.1fixed 0.166.0-1.1
The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.
- CVE-2023-25165Feb 8, 2023affected < 0.150.0-2.1fixed 0.150.0-2.1
Helm is a tool that streamlines installing and managing Kubernetes applications.`getHostByName` is a Helm template function introduced in Helm v3. The function is able to accept a hostname and return an IP address for that hostname. To get the IP address the function performs a D