119 matches found
CVE-2026-54448
Trivy is a security scanner. Prior to 0.71.0, when Trivy scans a Helm chart archive .tgz, its custom tar unpacker reads each entry with io.ReadAlltr and no size limit. An attacker who can place a malicious .tgz file in the scanned path can craft a small compressed archive that decompresses to...
CVE-2026-54448
Trivy is a security scanner. Prior to 0.71.0, when Trivy scans a Helm chart archive .tgz, its custom tar unpacker reads each entry with io.ReadAlltr and no size limit. An attacker who can place a malicious .tgz file in the scanned path can craft a small compressed archive that decompresses to...
EUVD-2026-39479
Trivy is a security scanner. Prior to 0.71.0, when Trivy scans a Helm chart archive .tgz, its custom tar unpacker reads each entry with io.ReadAlltr and no size limit. An attacker who can place a malicious .tgz file in the scanned path can craft a small compressed archive that decompresses to...
CVE-2026-54448
CVE-2026-54448 affects Trivy. Prior to version 0.71.0, its Helm chart scanner uses a custom tar unpacker that reads each archive entry with io.ReadAll(tr) without a size limit, enabling a malicious .tgz to decompress to gigabytes and trigger the OS OOM killer. This could cause the Trivy process t...
CVE-2026-47847
Bitnami MariaDB Galera container images and Helm chart are affected by a hardcoded default credential vulnerability in the Galera replication health-check user. The MARIADBREPLICATIONUSER and MARIADBREPLICATIONPASSWORD environment variables defaulted to monitor and monitor respectively. This user...
CVE-2026-47847
Bitnami MariaDB Galera container images and Helm chart are affected by a hardcoded default credential in the Galera replication health-check user. The environment variables MARIADB_REPLICATION_USER and MARIADB_REPLICATION_PASSWORD default to monitor and monitor , granting the user REPLICATION CLI...
BIT-MARIADB-GALERA-2026-47847 Default replication credential monitor:monitor created
Bitnami MariaDB Galera container images and Helm chart are affected by a hardcoded default credential vulnerability in the Galera replication health-check user. The MARIADBREPLICATIONUSER and MARIADBREPLICATIONPASSWORD environment variables defaulted to monitor and monitor respectively. This user...
Security update for trivy (important)
openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2025:0303-1 Rating: important References: 1232948 1235265 1246151 Cross-References: CVE-2024-45338 CVE-2024-51744 CVE-2025-53547 CVSS scores: CVE-2024-45338 SUSE: 8.2...
Security Bulletin: Due to use of spring-web-6.2.17.jar, IBM Sterling Connect:Direct Web Services is vulnerable to allows an attacker to consume available disk space.
Summary spring-web-6.2.17.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-22740. Vulnerability Details CVEID:CVE-2026-22740 DESCRIPTION: A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp...
Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment
...
CVE-2026-35206 Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment
Helm is a package manager for Charts for Kubernetes. In Helm versions =3.20.1 and =4.1.3, a specially crafted Chart will cause helm pull --untar chart URL | repo/chartname to write the Chart's contents to the immediate output directory as defaulted to the current working directory; or as given by...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...
Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...
SUSE-SU-2026:1141-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: - Version 5.2.6-0 Update translation strings uyuni-tools: - Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after...
SUSE-SU-2026:1140-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: - Version 5.2.6-0 Update translation strings uyuni-tools: - Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after...
SUSE CVE-2026-24044
Element Server Suite Community Edition ESS Community deploys a Matrix stack using the provided Helm charts and Kubernetes distribution. The ESS Community Helm Chart secrets initialization hook using matrix-tools container before 0.5.7 is using an insecure Matrix server key generation method,...
CVE-2026-24044 ESS Community Helm Chart has a weak server key generation method
Element Server Suite Community Edition ESS Community deploys a Matrix stack using the provided Helm charts and Kubernetes distribution. The ESS Community Helm Chart secrets initialization hook using matrix-tools container before 0.5.7 is using an insecure Matrix server key generation method,...
CVE-2026-24044
CVE-2026-24044 affects Element Server Suite Community Edition (ESS Community) Helm Chart. The issue arises in the Helm Chart secrets initialization hook (using matrix-tools container prior to 0.5.7) where an insecure Matrix server key generation method can produce the same key pair, enabling netw...
CVE-2026-24044 ESS Community Helm Chart has a weak server key generation method
Element Server Suite Community Edition ESS Community deploys a Matrix stack using the provided Helm charts and Kubernetes distribution. The ESS Community Helm Chart secrets initialization hook using matrix-tools container before 0.5.7 is using an insecure Matrix server key generation method,...
CVE-2026-24044
Element Server Suite Community Edition ESS Community deploys a Matrix stack using the provided Helm charts and Kubernetes distribution. The ESS Community Helm Chart secrets initialization hook using matrix-tools container before 0.5.7 is using an insecure Matrix server key generation method,...