Lucene search
K

1425 matches found

Fedora
Fedora
added 5 days ago6 views

[SECURITY] Fedora 44 Update: helm-4.2.2-1.fc44

Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. Use Helm to: - Find and use popular software packaged as Helm Charts to run in Kubernetes - Share your own applications as Helm Charts - Create reproducible builds of your Kubernetes applications -...

8.6CVSS7.1AI score0.00178EPSS
Exploits3
OPENSUSE Linux
OPENSUSE Linux
added 5 days ago3 views

Security update for trivy (important)

openSUSE security update: security update for trivy ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21249-1 Rating: important References: bsc1269269 bsc1269271 Cross-References: CVE-2026-54448 CVE-2026-55092 CVSS scores: CVE-2026-54448 SUSE : 6.5...

8.6CVSS6.2AI score0.00292EPSS
Exploits0References2
OSV
OSV
added 6 days ago5 views

GO-2026-5873 Rancher Fleet has SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml in github.com/rancher/fleet

Rancher Fleet has SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml in github.com/rancher/fleet...

5CVSS5.9AI score0.00386EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 11:16 a.m.8 views

CVE-2026-44936

Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo...

5CVSS0.00386EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 9:30 a.m.19 views

CVE-2026-44936

CVE-2026-44936 describes an SSRF risk in SUSE Rancher Fleet’s bundle reader when the helmRepoURLRegex field is not set on a GitRepo. The vulnerability allows forwarding Helm authentication credentials (BasicAuth) to any URL specified in the fleet.yaml helm.repo field, potentially leaking admin cr...

5CVSS6AI score0.00386EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/06 9:30 a.m.32 views

CVE-2026-44936 Rancher Fleet SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml

Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo...

5CVSS0.00386EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 9:30 a.m.5 views

EUVD-2026-41863

Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo...

5CVSS6AI score0.00386EPSS
Exploits0References1
OSV
OSV
added 2026/07/06 9:30 a.m.2 views

CVE-2026-44936 Rancher Fleet SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml

Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo...

5CVSS6AI score0.00386EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 12:0 a.m.2 views

OPENSUSE-SU-2026:11186-1 helm-4.2.2-2.1 on GA media

These are all security issues fixed in the helm-4.2.2-2.1 package on the GA media of openSUSE Tumbleweed...

5.9AI score
Exploits0References1
NVD
NVD
added 2026/07/02 5:16 p.m.10 views

CVE-2026-44935

Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants...

9.9CVSS0.00585EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 4:0 p.m.24 views

CVE-2026-44935

The vulnerability (CVE-2026-44935) affects SUSE Rancher Fleet’s Helm Deployer where missing validation of valuesFrom references enables cross-tenant access to fleet credentials stored in secrets/config maps on downstream clusters. Affected versions include Fleet 0.15.x before 0.15.2, 0.14.x befor...

9.9CVSS5.8AI score0.00585EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/02 4:0 p.m.35 views

CVE-2026-44935 Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer

Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants...

9.9CVSS0.00585EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 4:0 p.m.9 views

CVE-2026-44935

Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants...

9.9CVSS5.8AI score0.00585EPSS
Exploits0References2Affected Software1
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.12 views

GHSA-VH4V-2XQ2-G5CG vulnerabilities

Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.10 views

CVE-2026-48978 vulnerabilities

Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.12 views

GHSA-XF85-363P-868W vulnerabilities

Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.13 views

GHSA-8XWF-RJM4-XVHV vulnerabilities

Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.10 views

CVE-2026-50162 vulnerabilities

Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.16 views

GHSA-JXPM-75MH-9FP7 vulnerabilities

Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.9 views

CVE-2026-50151 vulnerabilities

Vulnerabilities for packages: cert-manager-cmctl-fips, zarf-fips, argo-cd, helm-push, cert-manager-cmctl, tw, ratify, gitness, envoy-gateway, rancher-agent, kube-arangodb, k9s, consul-k8s, headlamp, linkerd2-fips, argocd-image-updater, argocd-image-updater-fips, opentofu, k9s-fips, kyverno,...

6.1AI score
Exploits0
Rows per page
Query Builder