OPENSUSE-SU-2026:10823-1 helm-4.2.0-2.1 on GA media
These are all security issues fixed in the helm-4.2.0-2.1 package on the GA media of openSUSE Tumbleweed...
SUSE-SU-2026:1483-1 Security update for helm
This update for helm fixes the following issues: - CVE-2025-55199: crafted JSON Schema can lead to out of memory (OOM) termination (bsc#1248093). - CVE-2026-35206: files written to unexpected directory via specially crafted Chart (bsc#1261938). Changes for helm: - Update to version 3.20.2...
OPENSUSE-SU-2026:10318-1 helm-4.1.1-3.1 on GA media
These are all security issues fixed in the helm-4.1.1-3.1 package on the GA media of openSUSE Tumbleweed...
GHSA-3F44-XW83-3PMG Renovate vulnerable to arbitrary command injection via helmv3 manager and malicious Chart.yaml file
Summary: The user-provided string repository in the helmv3 manager is appended to the helm registry login command without proper sanitization. Details: Adversaries can provide a maliciously crafted Chart.yaml in conjunction with a tweaked Renovate configuration file to trick Renovate to execute...
CVE-2025-65109 Minder does not sandbox http.send in Rego programs
Minder is an open source software supply chain security platform. In Minder Helm version 0.20241106.3386+ref.2507dbf and Minder Go versions from 0.0.72 to 0.0.83, Minder users may fetch content in the context of the Minder server, which may include URLs which the user would not normally have acce...
PT-2025-47814
Name of the Vulnerable Software and Affected Versions Minder Helm version 0.20241106.3386+ref.2507dbf Minder Go versions 0.0.72 through 0.0.83 Description Minder is an open source software supply chain security platform. Minder users may be able to retrieve content through the Minder server that...
SUSE-SU-2025:21043-1 Security update for helm
This update for helm fixes the following issues: Update to version 3.19.1 (bsc#1251649, CVE-2025-58190, bsc#1251442, CVE-2025-47911): chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29; jsonschema: warn and ignore unresolved URN $ref to match v3.18.4; Avoid "panic: interface...
helm-3.19.1-1.1 on GA media (moderate)
helm-3.19.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:15730-1 Rating: moderate Cross-References: CVE-2025-47911 CVE-2025-58190 CVSS scores: CVE-2025-47911 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-47911 SUSE : 6.9...
EUVD-2025-24646
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-25620
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose...
BIT-HELM-2025-55199 Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory OOM termination. This issue has been resolved in Helm 3.18.5. A workaround involves...
CVE-2025-55198
A flaw was found in helm.sh/helm/v3. Improper validation of type errors during parsing of Chart.yaml and index.yaml files can trigger a panic. A remote attacker, requiring user interaction, can trigger this panic via a malformed chart file. This can lead to an application level denial of service...
CVE-2025-55199
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory OOM termination. This issue has been resolved in Helm 3.18.5. A workaround involves...
CVE-2025-55198
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, when parsing Chart.yaml and index.yaml files, an improper validation of type error can lead to a panic. This issue has been resolved in Helm 3.18.5. A workaround involves ensuring YAML files are formatted as Helm expect...
GHSA-F9F8-9PMF-XV68 Helm May Panic Due To Incorrect YAML Content
A Helm contributor discovered an improper validation of type error when parsing Chart.yaml and index.yaml files that can lead to a panic. Impact There are two areas of YAML validation that were impacted. First, when a Chart.yaml file had a null maintainer or the child or parent of a dependencies...
CVE-2025-55198
CVE-2025-55198 affects Helm (Charts for Kubernetes). Prior to 3.18.5, parsing Chart.yaml and index.yaml could panic due to improper type validation. Helm 3.18.5 fixes the issue; a workaround is to ensure YAML files are formatted as Helm expects before processing. The IBM/Converged IBM bulletins l...
AZL-64877 CVE-2025-53547 affecting package helm for versions less than 3.14.2-7
Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when...
PT-2025-23276 · Suse · Helm
This update for helm fixes the following issues: helm was updated to version 3.17.3: Helm v3.17.3 is a security patch release. Users are strongly recommended to update to this release. Changelog - Unarchiving fix e4da497 Matt Farina...
Security update for helm
This update for helm fixes the following issues: Update to version 3.17.2 (bsc#1238688, CVE-2025-22870): Updating to 0.37.0 for x/net; build(deps): bump the k8s-io group with 7 updates. Update to version 3.17.1: merge null child chart objects; build(deps): bump the k8s-io group with 7 updates; fix: check...
SUSE CVE-2025-32386
Helm is a tool for managing Charts. A chart archive file can be crafted in a manner where it expands to be significantly larger uncompressed than compressed e.g., 800x difference. When Helm loads this specially crafted chart, memory can be exhausted causing the application to terminate. This issu...