VYPR

rpm package

suse/helm&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

pkg:rpm/suse/helm&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS

Vulnerabilities (5)

  • CVE-2025-58190Feb 5, 2026
    affected < 3.19.1-150000.1.57.1fixed 3.19.1-150000.1.57.1

    The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

  • CVE-2025-47911Feb 5, 2026
    affected < 3.19.1-150000.1.57.1fixed 3.19.1-150000.1.57.1

    The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

  • CVE-2025-53547Jul 8, 2025
    affected < 3.19.1-150000.1.57.1fixed 3.19.1-150000.1.57.1

    Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lo

  • CVE-2024-45338MedDec 18, 2024
    affected < 3.17.1-150000.1.41.1fixed 3.17.1-150000.1.41.1

    An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

  • CVE-2024-45337CriDec 12, 2024
    affected < 3.17.1-150000.1.41.1fixed 3.17.1-150000.1.41.1

    Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that