4 matches found
SUSE SLES16 Security Update : helm (SUSE-SU-2026:21434-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21434-1 advisory. Update to version 3.20.2. Security issued fixed: - CVE-2025-55199: specially crafted JSON Schema can lead to out of memory OOM...
SUSE-SU-2026:21461-1 Security update for helm
This update for helm fixes the following issues: Update to version 3.20.2. Security issued fixed: - CVE-2025-55199: specially crafted JSON Schema can lead to out of memory OOM termination bsc1248093. - CVE-2026-35206: specially crafted Chart will have contents extracted to immediate output...
CVE-2025-55199 vulnerabilities
Vulnerabilities for packages: kubescape, cerbos-fips, trivy-fips, cert-manager-cmctl, k9s-fips, zot, helm-mapkubeapis, linkerd2, headlamp-fips, helm-operator, istio, chart-testing-fips, kube-arangodb-fips, consul-k8s, harbor, cluster-api-helm-controller-fips, k8ssandra-client, kube-arangodb, plut...
CVE-2025-55199
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory OOM termination. This issue has been resolved in Helm 3.18.5. A workaround involves...