rpm package
suse/helm&distro=SUSE Linux Enterprise Module for Package Hub 15 SP5
pkg:rpm/suse/helm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26147 | — | < 3.16.3-150000.1.38.1 | 3.16.3-150000.1.38.1 | Feb 21, 2024 | Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an `index.yaml` file or a plugins `plugin.yaml` file were missing all m | ||
| CVE-2024-25620 | — | < 3.16.3-150000.1.38.1 | 3.16.3-150000.1.38.1 | Feb 14, 2024 | Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected direct | ||
| CVE-2022-41723 | — | < 3.13.1-150000.1.26.1 | 3.13.1-150000.1.26.1 | Feb 28, 2023 | A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. | ||
| CVE-2023-25173 | — | < 3.13.1-150000.1.26.1 | 3.13.1-150000.1.26.1 | Feb 16, 2023 | containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group acces |
- CVE-2024-26147Feb 21, 2024affected < 3.16.3-150000.1.38.1fixed 3.16.3-150000.1.38.1
Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an `index.yaml` file or a plugins `plugin.yaml` file were missing all m
- CVE-2024-25620Feb 14, 2024affected < 3.16.3-150000.1.38.1fixed 3.16.3-150000.1.38.1
Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected direct
- CVE-2022-41723Feb 28, 2023affected < 3.13.1-150000.1.26.1fixed 3.13.1-150000.1.26.1
A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
- CVE-2023-25173Feb 16, 2023affected < 3.13.1-150000.1.26.1fixed 3.13.1-150000.1.26.1
containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group acces