Helm 安全漏洞

Helm is a Kubernetes package manager offered by the CNCF Foundation. Helm versions 4.1.3 and earlier contain security vulnerabilities, which stem from the installation of plugins without source verification when signature validation is required...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.20.6 bug fix and security update

Red Hat OpenShift Container Platform release 4.20.6 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a...

EUVD-2021-1119

Malware in sbrugna...

EUVD-2022-4688

Malicious code in bioql PyPI...

CVE-2025-22872 affecting package helm for versions less than 3.15.2-3

CVE-2025-22872 affecting package helm for versions less than 3.15.2-3. A patched version of the package is available...

GHSA-7WRW-R4P8-38RX vulnerabilities

Vulnerabilities for packages: gops, flannel, slsa-verifier, vexctl, postgres-operator, kube-rbac-proxy, dataplaneapi, aws-flb-kinesis, wire-go, prometheus-alertmanager, bazelisk, nri-nginx, kubernetes-dashboard-metrics-scraper, argo-events, mockgen, splunk-otel-collector, vertical-pod-autoscaler,...

Security Bulletin: IBM Cloud Private is vulnerable to Helm vulnerabilities (CVE-2020-15187, CVE-2020-15186, CVE-2020-15185, CVE-2020-15184)

Summary IBM Cloud Private is vulnerable to Helm vulnerabilities Vulnerability Details CVEID: CVE-2020-15187 DESCRIPTION: Helm could allow a remote authenticated attacker to bypass security restrictions, caused by an issue with containing duplicates of the same entry in the plugin.yaml file. By...