2 matches found
GHSA-8WC6-VGRQ-X6CF
creationtimestamp| type| source ---|---|--- 2026-02-13 09:47:36+00:00| seen| https://bsky.app/profile/renovatebot.com/post/3meq7zfb6b22w 2026-02-13 09:47:37+00:00| seen| https://bsky.app/profile/renovatebot.com/post/3meq7zfbg322w 2026-02-14 14:10:28+00:00| seen|...
Renovate vulnerable to arbitrary command injection via helmv3 manager and malicious Chart.yaml file
Summary The user-provided string repository in the helmv3 manager is appended to the helm registry login command without proper sanitization. Details Adversaries can provide a maliciously crafted Chart.yaml in conjunctions with a tweaked Renovate configuration file to trick Renovate to execute...