Lucene search
+L

8 matches found

NVD
NVD
added yesterday6 views

CVE-2026-63308

Helm through 4.2.3, fixed in commit ba6c9a2, contains a denial of service vulnerability in the Files.Lines template helper in pkg/engine/files.go that allows attackers to trigger an index out of range panic by including zero-length byte slices in chart files. Attackers can include empty files in...

5.3CVSS
Exploits0References4
CVE
CVE
added yesterday8 views

CVE-2026-63308

Helm

5.3CVSS5.4AI score
Exploits0References4
Cvelist
Cvelist
added yesterday18 views

CVE-2026-63308 Helm Files.Lines Denial of Service via Empty Chart Files

Helm through 4.2.3, fixed in commit ba6c9a2, contains a denial of service vulnerability in the Files.Lines template helper in pkg/engine/files.go that allows attackers to trigger an index out of range panic by including zero-length byte slices in chart files. Attackers can include empty files in...

5.3CVSS
Exploits0References4
EUVD
EUVD
added yesterday5 views

EUVD-2026-45213

Helm through 4.2.3, fixed in commit ba6c9a2, contains a denial of service vulnerability in the Files.Lines template helper in pkg/engine/files.go that allows attackers to trigger an index out of range panic by including zero-length byte slices in chart files. Attackers can include empty files in...

5.3CVSS5.3AI score
Exploits0References4
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-60806

Helm through 4.2.3, fixed in commit ba6c9a2, contains a denial of service vulnerability in the Files.Lines template helper in pkg/engine/files.go that allows attackers to trigger an index out of range panic by including zero-length byte slices in chart files. Attackers can include empty files in...

5.3CVSS5.3AI score
Exploits0References4
Veracode
Veracode
added 2025/07/09 3:52 a.m.8 views

Local Code Execution (LCE)

helm.sh/helm/v3 is vulnerable to Local Code Execution LCE. The vulnerability is due to insufficient validation and sanitization of the Chart.yaml and Chart.lock files during dependency updates, allowing a maliciously crafted file to trigger local code execution...

8.6CVSS6.3AI score0.00363EPSS
Exploits1References5Affected Software2
Positive Technologies
Positive Technologies
added 2021/02/05 12:0 a.m.6 views

PT-2021-14402 · Helm +1 · Helm +1

Name of the Vulnerable Software and Affected Versions: Helm versions 3.0 through 3.5.2 Description: Helm, a tool for managing Charts in Kubernetes, has cases where data loaded from potentially untrusted sources was not properly sanitized. This includes invalid SemVer in the version field of a...

8.6CVSS6.9AI score0.01395EPSS
Exploits0References23
CNVD
CNVD
added 2020/12/23 12:0 a.m.4 views

Memory Corruption Vulnerability in AutoShop V4.0.5.0 Timing Monitor Map

Shenzhen Huichuan Technology Co., Ltd. focuses on the research and development, production and sales of industrial automation control products, positioning itself to serve the middle and high-end equipment manufacturers, based on the industrial automation control technology with independent...

8AI score
Exploits0
Rows per page
Query Builder