CVE-2024-26147 Helm's Missing YAML Content Leads To Panic

Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an index.yaml file or a plugins plugin.yaml file were missing all metadata a panic would...

CVE-2024-26147 Helm's Missing YAML Content Leads To Panic

Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an index.yaml file or a plugins plugin.yaml file were missing all metadata a panic would...

CVE-2024-26147

CVE-2024-26147 affects Helm before 3.14.2. When Helm parses index.yaml or plugins/plugin.yaml with missing content, an uninitialized variable can cause a panic. In the Helm SDK this is exposed via LoadIndexFile, DownloadIndexFile, or LoadDir, and in the Helm client it can affect repo-adding workf...

CVE-2024-26147 Helm's Missing YAML Content Leads To Panic

Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an index.yaml file or a plugins plugin.yaml file were missing all metadata a panic would...

PT-2024-2571 · Helm +2 · Helm +2

Name of the Vulnerable Software and Affected Versions: Helm versions prior to 3.14.2 Description: The issue is related to an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. This can cause a panic in Helm when either an index.yaml file or...

Use of Uninitialized Variable

Overview fastecdsa is a python package for doing fast elliptic curve cryptography, specifically digital signatures. Affected versions of this package are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted a...

Design/Logic Flaw

A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05.20, CP-8050 MASTER MODULE All versions CPCI85 V05.20. The network configuration service of affected devices contains a flaw in the conversion of ipv4 addresses that could lead to an uninitialized variable being...

CVE-2023-42797

A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05.20, CP-8050 MASTER MODULE All versions CPCI85 V05.20. The network configuration service of affected devices contains a flaw in the conversion of ipv4 addresses that could lead to an uninitialized variable being...

Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Adobe Prelude MP4 File Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Prelude. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

CVE-2023-50431

secattestinfo in drivers/accel/habanalabs/common/habanalabsioctl.c in the Linux kernel through 6.6.5 allows an information leak to user space because info-pad0 is not initialized...

The vulnerability of the S_find_uninit_var function (sv.c) in the Perl interpreter allows a hacker to execute arbitrary code.

The vulnerability of the Sfinduninitvar function in sv.c of the Perl interpreter is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

CVE-2023-47072 ZDI-CAN-21790: Adobe After Effects MP4 File Uninitialized Variable Information Disclosure Vulnerability

Adobe After Effects version 24.0.2 and earlier and 23.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

CVE-2023-47072 ZDI-CAN-21790: Adobe After Effects MP4 File Uninitialized Variable Information Disclosure Vulnerability

Adobe After Effects version 24.0.2 and earlier and 23.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

qt5-qtsvg security update

5.15.3-2 - Fix uninitialized variable usage in munitsPerEm CVE-2023-32573 Resolves: bz2208141...

CVE-2023-47060 ZDI-CAN-21792: Adobe Premiere Pro MP4 File Uninitialized Variable Information Disclosure Vulnerability

Adobe Premiere Pro version 24.0 and earlier and 23.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue require...

CVE-2023-47047 ZDI-CAN-21685: Adobe Audition MP4 File Parsing Uninitialized Variable Remote Code Execution Vulnerability

Adobe Audition version 24.0 and earlier and 23.6.1 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...

CVE-2023-47053 ZDI-CAN-21689: Adobe Audition MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

Adobe Audition version 24.0 and earlier and 23.6.1 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires...

CVE-2023-47053 ZDI-CAN-21689: Adobe Audition MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

Adobe Audition version 24.0 and earlier and 23.6.1 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires...

CVE-2023-47044 ZDI-CAN-21789: Adobe Media Encoder MP4 File Uninitialized Variable Information Disclosure Vulnerability

Adobe Media Encoder version 24.0.2 and earlier and 23.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...