6 matches found
CVE-2026-24851
CVE-2026-24851 technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2025-64751
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and...
GHSA-MGH9-4MWP-FG55 OpenFGA Authorization Bypass
Overview OpenFGA v1.9.3 to v1.9.4 openfga-0.2.40 = Helm chart = openfga-0.2.41, v1.9.3 = docker = v.1.9.4 are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. Am I Affected? You are affected by this vulnerability if you are using OpenFGA v1.9.3 to...
GHSA-7JR6-PRV4-5WF5 Duplicate Advisory: Helm passes repository credentials to alternate domain
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-56hp-xqp3-w2jf. This link is maintained to preserve external references. Original Description Helm is a tool for managing Charts packages of pre-configured Kubernetes resources. In versions of helm prior to 3.6....
GHSA-56HP-XQP3-W2JF Helm passes repository credentials to alternate domain
While working on the Helm source, a Helm core maintainer discovered a situation where the username and password credentials associated with a Helm repository could be passed on to another domain referenced by that Helm repository. Impact The index.yaml within a Helm chart repository contains a...
CVE-2021-32690
Helm is a tool for managing Charts packages of pre-configured Kubernetes resources. In versions of helm prior to 3.6.1, a vulnerability exists where the username and password credentials associated with a Helm repository could be passed on to another domain referenced by that Helm repository. Thi...