18 matches found
openSUSE Security Advisory (SUSE-SU-2024:1137-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Azure Linux 3.0 Security Update: cert-manager / helm (CVE-2024-25620)
The version of cert-manager / helm installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25620 advisory. - Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources...
CBL Mariner 2.0 Security Update: cert-manager / helm (CVE-2024-25620)
The version of cert-manager / helm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25620 advisory. - Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources...
CVE-2024-25620 affecting package cert-manager for versions less than 1.11.2-12
CVE-2024-25620 affecting package cert-manager for versions less than 1.11.2-12. A patched version of the package is available...
Moderate: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.6 security update
An update is now available for Red Hat OpenShift GitOps v1.11.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Moderate: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.4 security update
An update is now available for Red Hat OpenShift GitOps v1.12.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
CVE-2024-25620 affecting package helm for versions less than 3.13.2-3
CVE-2024-25620 affecting package helm for versions less than 3.13.2-3. An upgraded version of the package is available that resolves this issue...
SUSE SLES15: helm / helm-bash-completion / helm-fish-completion / etc (SUSE-SU-2024:1137-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1137-1 advisory. - CVE-2024-25620: Fixed with dependency management path traversal bsc1219969. - CVE-2024-26147: Fixed uninitialized...
SUSE-SU-2024:1137-1 Security update for helm
This update for helm fixes the following issues: - CVE-2024-25620: Fixed with dependency management path traversal bsc1219969. - CVE-2024-26147: Fixed uninitialized variable in yaml parsing bsc1220207...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.15.3 bug fix and security update
Red Hat OpenShift Container Platform release 4.15.3 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...
Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.9.3 security and bug fix container updates
Red Hat Advanced Cluster Management for Kubernetes 2.9.3 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: cilium-cli, zarf, flux-helm-controller, flux-source-controller, eksctl, helm-operator, chartmuseum, helm-push, k9s, k8sgpt, kubevela, trivy, zot, kots, kubescape, up...
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: kots, cilium-cli, k8sgpt, eksctl, chartmuseum, helm-operator, flux-source-controller, k9s, zot, kubevela, cert-manager, trivy, up, helm-push, flux-helm-controller, zarf, kubescape, cert-manager-fips...
CVE-2024-25620
Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the Chart.yaml file includes a relative path change, the chart would be saved outside its expected directory based on the...
CVE-2024-25620 Dependency management path traversal in helm
Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the Chart.yaml file includes a relative path change, the chart would be saved outside its expected directory based on the...
CVE-2024-25620 Dependency management path traversal in helm
Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the Chart.yaml file includes a relative path change, the chart would be saved outside its expected directory based on the...
CVE-2024-25620 Dependency management path traversal in helm
Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the Chart.yaml file includes a relative path change, the chart would be saved outside its expected directory based on the...
CVE-2024-25620
CVE-2024-25620 – Helm path traversal vulnerability : The connected Nessus entry confirms a concrete issue in Helm where saving a chart with a relative path in Chart.yaml can cause the chart to be saved outside its intended directory. This is due to improper validation of user-supplied input, enab...