4 matches found
openSUSE 16 Security Update : helm (openSUSE-SU-2026:20655-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20655-1 advisory. Update to version 3.20.2. Security issued fixed: - CVE-2025-55199: specially crafted JSON Schema can lead to out of memory OOM termination...
helm-4.1.4-2.1 on GA media (moderate)
helm-4.1.4-2.1 on GA media Announcement ID: openSUSE-SU-2026:10538-1 Rating: moderate Cross-References: CVE-2026-35205 CVE-2026-35206 CVSS scores: CVE-2026-35205 SUSE : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-35205 SUSE : 9.3...
CVE-2026-35206 vulnerabilities
Vulnerabilities for packages: harbor, eksctl, trivy-operator, zarf, istio, helm-set-status, flux-source-controller, helm-docs, k9s, chartmuseum, helm-mapkubeapis, teleport, kuma, cerbos, tw, k8ssandra-client, zot, helm-push, envoy-gateway, cluster-api-helm-controller, linkerd2, rancher-fleet, flu...
CVE-2026-35206
Helm is a package manager for Charts for Kubernetes. In Helm versions =3.20.1 and =4.1.3, a specially crafted Chart will cause helm pull --untar chart URL | repo/chartname to write the Chart's contents to the immediate output directory as defaulted to the current working directory; or as given by...