Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.10 views

PT-2026-32426

Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. To prevent this, validate that the plugin.yaml of the Helm plugin does not...

8.4CVSS5.9AI score0.00158EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.4 views

PT-2026-32427

Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, Helm will install plugins missing provenance .prov file when signature verification is required. This vulnerability is fixed in 4.1.4...

8.4CVSS5.8AI score0.00178EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/04/12 11:24 p.m.4 views

SUSE CVE-2026-35205

Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, Helm will install plugins missing provenance .prov file when signature verification is required. This vulnerability is fixed in 4.1.4...

7.8CVSS5.8AI score0.00178EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/10 3:33 p.m.6 views

EUVD-2026-20901

Helm's plugin verification fails open when .prov is missing, allowing unsigned plugin install...

8.4CVSS5.8AI score0.00178EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.9 views

PT-2026-31624

Name of the Vulnerable Software and Affected Versions Helm versions 4.0.0 through 4.1.3 Description Helm, a package manager for Kubernetes Charts, versions 4.0.0 through 4.1.3 do not install plugins with provenance files .prov file when signature verification is required. This impacts the integri...

8.4CVSS5.8AI score0.00178EPSS
Exploits0References10
Rows per page
Query Builder