Lucene search
K

17 matches found

Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.18 views

PT-2026-39723

An authenticated user with upload permission to a hosted repository can store content that causes arbitrary JavaScript to execute in the browser of any user who browses that repository directory via the HTML index page in Sonatype Nexus Repository versions 3.6.0 through versions before 3.92.0. Th...

5.1CVSS6AI score0.00266EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-19774

Malware in sbrugna...

6.5CVSS5.8AI score0.01423EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-19775

Malware in sbrugna...

6.5CVSS5.7AI score0.01392EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/09/04 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-21303

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Helm is open-source software which is essentially The Kubernetes Package Manager. Helm is a tool for managing Charts. Charts are packages of pre-configured...

6.8CVSS7AI score0.0103EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:57 a.m.5 views

SUSE CVE-2020-15185

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker...

2.2CVSS7.9AI score0.00883EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 3:46 a.m.2 views

SUSE CVE-2021-21303

Helm is open-source software which is essentially "The Kubernetes Package Manager". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted...

6.8CVSS8.7AI score0.0103EPSS
Exploits0References3
OSV
OSV
added 2022/12/14 9:38 p.m.28 views

GHSA-53C4-HHMH-VW5Q Helm vulnerable to denial of service through through repository index file

Fuzz testing, by Ada Logics and sponsored by the CNCF, identified input to functions in the repo package that can cause a segmentation violation. Applications that use functions from the repo package in the Helm SDK can have a Denial of Service attack when they use this package and it panics...

5.3CVSS6.1AI score0.00818EPSS
Exploits0References5
OSV
OSV
added 2021/06/23 6:14 p.m.27 views

GHSA-C38G-469G-CMGX Improper Neutralization of Special Elements in Output in helm.sh/helm/v3

Since Helm 2 was released, a well-documented aspect of Helm is that the Helm chart's version number MUST follow the SemVer2 specification. In the past, Helm would not permit charts with malformed versions. At some point, a patch was merged that changed this - On a version parse error, the version...

6.5CVSS6.8AI score0.0103EPSS
Exploits0References7
OSV
OSV
added 2021/02/05 10:15 p.m.8 views

UBUNTU-CVE-2021-21303

Helm is open-source software which is essentially "The Kubernetes Package Manager". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted...

6.8CVSS7AI score0.0103EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2019/05/14 11:57 a.m.23 views

CVE-2018-8099

Incorrect returning of an error code in the index.c:readentry function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file...

6.5CVSS3.3AI score0.01423EPSS
Exploits0References1
NVD
NVD
added 2018/03/14 12:29 a.m.29 views

CVE-2018-8098

Integer overflow in the index.c:readentry function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service out-of-bounds read via a crafted repository index file...

6.5CVSS6.5AI score0.01423EPSS
Exploits0References4
Prion
Prion
added 2018/03/14 12:29 a.m.19 views

Integer overflow

Integer overflow in the index.c:readentry function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service out-of-bounds read via a crafted repository index file...

4.3CVSS6.3AI score0.01423EPSS
Exploits0References4Affected Software2
Prion
Prion
added 2018/03/14 12:29 a.m.22 views

Double free

Incorrect returning of an error code in the index.c:readentry function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file...

4.3CVSS6.4AI score0.01392EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2018/03/14 12:29 a.m.24 views

CVE-2018-8098

Integer overflow in the index.c:readentry function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service out-of-bounds read via a crafted repository index file...

6.5CVSS7.1AI score
Exploits0References4
Cvelist
Cvelist
added 2018/03/14 12:0 a.m.34 views

CVE-2018-8098

Integer overflow in the index.c:readentry function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service out-of-bounds read via a crafted repository index file...

7.5AI score0.01423EPSS
Exploits0References4
Cvelist
Cvelist
added 2018/03/14 12:0 a.m.27 views

CVE-2018-8099

Incorrect returning of an error code in the index.c:readentry function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file...

6.8AI score0.01392EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2018/03/14 12:0 a.m.39 views

CVE-2018-8098

Integer overflow in the index.c:readentry function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service out-of-bounds read via a crafted repository index file...

6.5CVSS5.4AI score0.01423EPSS
Exploits0
Rows per page
Query Builder