1425 matches found
[SECURITY] Fedora 44 Update: helm-4.2.2-1.fc44
Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. Use Helm to: - Find and use popular software packaged as Helm Charts to run in Kubernetes - Share your own applications as Helm Charts - Create reproducible builds of your Kubernetes applications -...
Security update for trivy (important)
openSUSE security update: security update for trivy ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21249-1 Rating: important References: bsc1269269 bsc1269271 Cross-References: CVE-2026-54448 CVE-2026-55092 CVSS scores: CVE-2026-54448 SUSE : 6.5...
GO-2026-5873 Rancher Fleet has SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml in github.com/rancher/fleet
Rancher Fleet has SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml in github.com/rancher/fleet...
CVE-2026-44936
Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo...
CVE-2026-44936
CVE-2026-44936 describes an SSRF risk in SUSE Rancher Fleet’s bundle reader when the helmRepoURLRegex field is not set on a GitRepo. The vulnerability allows forwarding Helm authentication credentials (BasicAuth) to any URL specified in the fleet.yaml helm.repo field, potentially leaking admin cr...
CVE-2026-44936 Rancher Fleet SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml
Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo...
EUVD-2026-41863
Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo...
CVE-2026-44936 Rancher Fleet SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml
Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo...
OPENSUSE-SU-2026:11186-1 helm-4.2.2-2.1 on GA media
These are all security issues fixed in the helm-4.2.2-2.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-44935
Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants...
CVE-2026-44935
The vulnerability (CVE-2026-44935) affects SUSE Rancher Fleet’s Helm Deployer where missing validation of valuesFrom references enables cross-tenant access to fleet credentials stored in secrets/config maps on downstream clusters. Affected versions include Fleet 0.15.x before 0.15.2, 0.14.x befor...
CVE-2026-44935 Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer
Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants...
CVE-2026-44935
Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants...
GHSA-VH4V-2XQ2-G5CG vulnerabilities
Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...
CVE-2026-48978 vulnerabilities
Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...
GHSA-XF85-363P-868W vulnerabilities
Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...
GHSA-8XWF-RJM4-XVHV vulnerabilities
Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...
CVE-2026-50162 vulnerabilities
Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...
GHSA-JXPM-75MH-9FP7 vulnerabilities
Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...
CVE-2026-50151 vulnerabilities
Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...