Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerability in helm v3.13.2 #392

Closed
ranjanprasad1996 opened this issue Apr 4, 2024 · 2 comments
Closed

Vulnerability in helm v3.13.2 #392

ranjanprasad1996 opened this issue Apr 4, 2024 · 2 comments
Assignees
@hypnoglow
Labels
dependencies Pull requests that update a dependency file
Milestone
0.16.1

Comments

@ranjanprasad1996
Copy link

Vulnerability found - CVE-2024-26147
https://avd.aquasec.com/nvd/cve-2024-26147

Need to upgrade helm version to 3.14.2
@hypnoglow
Copy link
Owner

I don't think that helm-s3 is affected directly, because the vulnerability takes effect when some other malicious plugin added to helm installation.

However, will update helm package we use for the next release.

@hypnoglow hypnoglow added the dependencies Pull requests that update a dependency file label Apr 4, 2024
@hypnoglow hypnoglow self-assigned this Apr 4, 2024
@hypnoglow hypnoglow added this to the Next milestone Apr 4, 2024
@hypnoglow
Copy link
Owner

Fixed in #439

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hypnoglow hypnoglow

Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
0.16.1
Development

No branches or pull requests
2 participants
@hypnoglow @ranjanprasad1996