5 matches found
PT-2026-32426
Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. To prevent this, validate that the plugin.yaml of the Helm plugin does not...
PT-2026-32427
Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, Helm will install plugins missing provenance .prov file when signature verification is required. This vulnerability is fixed in 4.1.4...
SUSE CVE-2026-35205
Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, Helm will install plugins missing provenance .prov file when signature verification is required. This vulnerability is fixed in 4.1.4...
EUVD-2026-20901
Helm's plugin verification fails open when .prov is missing, allowing unsigned plugin install...
PT-2026-31624
Name of the Vulnerable Software and Affected Versions Helm versions 4.0.0 through 4.1.3 Description Helm, a package manager for Kubernetes Charts, versions 4.0.0 through 4.1.3 do not install plugins with provenance files .prov file when signature verification is required. This impacts the integri...