4 matches found
SUSE SLES16 Security Update : helm (SUSE-SU-2026:21434-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21434-1 advisory. Update to version 3.20.2. Security issued fixed: - CVE-2025-55199: specially crafted JSON Schema can lead to out of memory OOM...
SUSE-SU-2026:21461-1 Security update for helm
This update for helm fixes the following issues: Update to version 3.20.2. Security issued fixed: - CVE-2025-55199: specially crafted JSON Schema can lead to out of memory OOM termination bsc1248093. - CVE-2026-35206: specially crafted Chart will have contents extracted to immediate output...
CVE-2025-55199 vulnerabilities
Vulnerabilities for packages: kots, kubescape, chart-testing-fips, flux, cerbos-fips, kube-arangodb-fips, trivy-fips, pluto-fips, nova, helm-operator, helm-set-status, envoy-gateway, chartmuseum, headlamp-fips, chartmuseum-fips, teleport, flux-source-controller-fips, consul-k8s-fips,...
CVE-2025-55199
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory OOM termination. This issue has been resolved in Helm 3.18.5. A workaround involves...