Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
altlinuxHttps://packages.altlinux.org/en/sisyphus/security/5F72A23A6BB39D3A930AA17FF36C79B9
HistoryNov 23, 2020 - 12:00 a.m.

Security fix for the ALT Linux 10 package helm version 3.4.1-alt1

2020-11-2300:00:00
https://packages.altlinux.org/en/sisyphus/security/
packages.altlinux.org
7

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

JSON

Nov. 23, 2020 Aleksei Nikiforov 3.4.1-alt1

- Updated to upstream version 3.4.1 (Fixes: CVE-2020-4053, CVE-2020-11013,
  CVE-2020-15184, CVE-2020-15185, CVE-2020-15186, CVE-2020-15187).
OSVersionArchitecturePackageVersionFilename
ALT Linux10srchelm-3.10.2-alt1.src.rpm<ย 3.4.1-alt1helm-3.10.2-alt1.src.rpm
ALT Linux10x86_64helm-3.10.2-alt1.x86_64.rpm<ย 3.4.1-alt1helm-3.10.2-alt1.x86_64.rpm
ALT Linux10x86_64helm-debuginfo-3.10.2-alt1.x86_64.rpm<ย 3.4.1-alt1helm-debuginfo-3.10.2-alt1.x86_64.rpm
ALT Linux10i586helm-3.10.2-alt1.i586.rpm<ย 3.4.1-alt1helm-3.10.2-alt1.i586.rpm
ALT Linux10i586helm-debuginfo-3.10.2-alt1.i586.rpm<ย 3.4.1-alt1helm-debuginfo-3.10.2-alt1.i586.rpm
ALT Linux10aarch64helm-3.10.2-alt1.aarch64.rpm<ย 3.4.1-alt1helm-3.10.2-alt1.aarch64.rpm
ALT Linux10aarch64helm-debuginfo-3.10.2-alt1.aarch64.rpm<ย 3.4.1-alt1helm-debuginfo-3.10.2-alt1.aarch64.rpm
ALT Linux10armhhelm-3.10.2-alt1.armh.rpm<ย 3.4.1-alt1helm-3.10.2-alt1.armh.rpm
ALT Linux10armhhelm-debuginfo-3.10.2-alt1.armh.rpm<ย 3.4.1-alt1helm-debuginfo-3.10.2-alt1.armh.rpm
ALT Linux10ppc64lehelm-3.10.2-alt1.ppc64le.rpm<ย 3.4.1-alt1helm-3.10.2-alt1.ppc64le.rpm
Rows per page:
1-10 of 111

Related

ibm 3
openvas 1
nessus 1
cve 6
prion 6
osv 18
gitlab 14
veracode 6
github 6
redhatcve 6
ubuntucve 1
ibm
ibm
Security Bulletin: IBM Cloud Private is vulnerable to Helm vulnerabilities (CVE-2020-15187, CVE-2020-15186, CVE-2020-15185, CVE-2020-15184)
2021-02-26 15:14:52
Security Bulletin: Multiple vulnerabilities affect IBM Db2 On Openshift, IBM Db2ยฎ on Cloud Pak for Data and Db2 Warehouseยฎ on Cloud Pak for Data
2022-10-27 15:10:28
Security Bulletin: Vulnerabilities in the Python, Docker, and ICP affect IBM Spectrum Discover
2021-05-13 16:56:10
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:3760-1)
2021-06-09 00:00:00
nessus
nessus
SUSE SLES15 Security Update : Security changes in Kubernetes, etcd, / helm; Bugfix in cri-o package (SUSE-SU-2020:3760-1)
2020-12-14 00:00:00
cve
cve
CVE-2020-15187
2020-09-17 22:15:00
CVE-2020-15185
2020-09-17 22:15:00
CVE-2020-15184
2020-09-17 21:15:00
prion
prion
Design/Logic Flaw
2020-09-17 21:15:00
Code injection
2020-09-17 22:15:00
Design/Logic Flaw
2020-09-17 22:15:00
osv
osv
Aliases are never checked in helm
2021-05-24 16:56:58
CVE-2020-15186
2020-09-17 22:15:12
CVE-2020-15187
2020-09-17 22:15:12
gitlab
gitlab
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
2021-05-24 00:00:00
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
2021-05-24 00:00:00
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
2021-05-24 00:00:00
veracode
veracode
Command Injection
2020-09-18 02:29:24
Authorization Bypass
2020-09-18 03:36:33
Content Spoofing
2020-09-18 05:32:27
github
github
plugin.yaml file allows for duplicate entries in helm
2021-05-24 16:57:21
Aliases are never checked in helm
2021-05-24 16:56:58
Repository index file allows for duplicates of the same chart entry in helm
2021-05-24 16:57:06
redhatcve
redhatcve
CVE-2020-15184
2020-09-24 11:16:52
CVE-2020-15187
2020-09-24 09:47:02
CVE-2020-15185
2020-09-24 10:17:27
ubuntucve
ubuntucve
CVE-2020-11013
2020-04-24 00:00:00

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

JSON
Related for 5F72A23A6BB39D3A930AA17FF36C79B9
ibm3openvas1nessus1cve6prion6osv18gitlab14veracode6github6redhatcve6ubuntucve1