Vulnerability-Lookup

CVE-2024-25620 (GCVE-0-2024-25620)

Vulnerability from cvelistv5 – Published: 2024-02-14 23:24 – Updated: 2024-08-26 14:49

Title

Dependency management path traversal in helm

Summary

Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies.

Severity

6.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

GitHub_M

References

2 references

URL	Tags
https://github.com/helm/helm/security/advisories/…	x_refsource_CONFIRM
https://github.com/helm/helm/commit/0d0f91d1ce277…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
helm	helm	Affected: < 3.14.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:44:09.801Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r"
          },
          {
            "name": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "helm",
            "vendor": "helm",
            "versions": [
              {
                "lessThan": "3.14.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-25620",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-15T19:45:34.439610Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-26T14:49:43.726Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "helm",
          "vendor": "helm",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.14.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-14T23:24:57.651Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r"
        },
        {
          "name": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503"
        }
      ],
      "source": {
        "advisory": "GHSA-v53g-5gjp-272r",
        "discovery": "UNKNOWN"
      },
      "title": "Dependency management path traversal in helm"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-25620",
    "datePublished": "2024-02-14T23:24:57.651Z",
    "dateReserved": "2024-02-08T22:26:33.511Z",
    "dateUpdated": "2024-08-26T14:49:43.726Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-25620",
      "date": "2026-05-27",
      "epss": "0.00168",
      "percentile": "0.37487"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-25620\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-02-15T00:15:45.347\",\"lastModified\":\"2025-01-09T13:55:40.353\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies.\"},{\"lang\":\"es\",\"value\":\"Helm es una herramienta para gestionar gr\u00e1ficos. Los gr\u00e1ficos son paquetes de recursos de Kubernetes preconfigurados. Cuando se utiliza el cliente Helm o el SDK para guardar un gr\u00e1fico cuyo nombre dentro del archivo `Chart.yaml` incluye un cambio de ruta relativa, el gr\u00e1fico se guardar\u00e1 fuera de su directorio esperado en funci\u00f3n de los cambios en la ruta relativa. La validaci\u00f3n y el linting no detectaron los cambios de ruta en el nombre. Este problema se resolvi\u00f3 en Helm v3.14.1. Los usuarios que no puedan actualizar deben verificar todos los gr\u00e1ficos utilizados por Helm en busca de cambios de ruta en su nombre, como se encuentra en el archivo `Chart.yaml`. Esto incluye dependencias.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.1,\"impactScore\":2.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.1,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.14.1\",\"matchCriteriaId\":\"2F972F64-42BF-48B2-AE0D-CCA34D9F7958\"}]}]}],\"references\":[{\"url\":\"https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r\", \"name\": \"https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503\", \"name\": \"https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T23:44:09.801Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-25620\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-02-15T19:45:34.439610Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*\"], \"vendor\": \"helm\", \"product\": \"helm\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"3.14.1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-26T14:49:40.439Z\"}}], \"cna\": {\"title\": \"Dependency management path traversal in helm\", \"source\": {\"advisory\": \"GHSA-v53g-5gjp-272r\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"helm\", \"product\": \"helm\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 3.14.1\"}]}], \"references\": [{\"url\": \"https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r\", \"name\": \"https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503\", \"name\": \"https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-02-14T23:24:57.651Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-25620\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-26T14:49:43.726Z\", \"dateReserved\": \"2024-02-08T22:26:33.511Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-02-14T23:24:57.651Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

BDU:2024-04524

Vulnerability from fstec - Published: 14.02.2024

Title

Уязвимость пакетного менеджера для Kubernetes Helm, связанная с неверным ограничением имени пути к каталогу с ограниченным доступом, позволяющая нарушителю сохранить диаграмму Helm Chart за пределами ожидаемого каталога

Description

Уязвимость пакетного менеджера для Kubernetes Helm связана с неверным ограничением имени пути к каталогу с ограниченным доступом. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, сохранить диаграмму Helm Chart за пределами ожидаемого каталога

Severity


                    
                      AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Vendor

The Linux Foundation

Software Name

Helm

Software Version

до 3.14.1 (Helm)

Possible Mitigations

Использование рекомендаций: https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r

Reference

https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503 https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r

CWE

CWE-22

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "The Linux Foundation",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 3.14.1 (Helm)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.02.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "14.06.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "14.06.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-04524",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-25620",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Helm",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u043d\u043e\u0433\u043e \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u0430 \u0434\u043b\u044f Kubernetes Helm, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0432\u0435\u0440\u043d\u044b\u043c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435\u043c \u0438\u043c\u0435\u043d\u0438 \u043f\u0443\u0442\u0438 \u043a \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c \u0434\u0438\u0430\u0433\u0440\u0430\u043c\u043c\u0443 Helm Chart \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u043e\u0436\u0438\u0434\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0432\u0435\u0440\u043d\u043e\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0438\u043c\u0435\u043d\u0438 \u043f\u0443\u0442\u0438 \u043a \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c (\u00ab\u041e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438\u00bb) (CWE-22)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u043d\u043e\u0433\u043e \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u0430 \u0434\u043b\u044f Kubernetes Helm \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0432\u0435\u0440\u043d\u044b\u043c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435\u043c \u0438\u043c\u0435\u043d\u0438 \u043f\u0443\u0442\u0438 \u043a \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c \u0434\u0438\u0430\u0433\u0440\u0430\u043c\u043c\u0443 Helm Chart \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u043e\u0436\u0438\u0434\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503\nhttps://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-22",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,4)"
}

bit-helm-2024-25620

Vulnerability from bitnami_vulndb

Published

2024-03-31 18:18

Modified

2025-05-20 10:02

Summary

Dependency management path traversal in helm

Details

Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the Chart.yaml file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the Chart.yaml file. This includes dependencies.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Bitnami",
        "name": "helm",
        "purl": "pkg:bitnami/helm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.14.1"
            }
          ],
          "type": "SEMVER"
        }
      ],
      "severity": [
        {
          "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
          "type": "CVSS_V3"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-25620"
  ],
  "database_specific": {
    "cpes": [
      "cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*",
      "cpe:2.3:a:helm:helm:*:*:*:*:*:go:*:*"
    ],
    "severity": "Medium"
  },
  "details": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies.",
  "id": "BIT-helm-2024-25620",
  "modified": "2025-05-20T10:02:07.006Z",
  "published": "2024-03-31T18:18:57.477Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503"
    },
    {
      "type": "WEB",
      "url": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25620"
    }
  ],
  "schema_version": "1.5.0",
  "summary": "Dependency management path traversal in helm"
}

CERTFR-2024-AVI-0958

Vulnerability from certfr_avis - Published: 2024-11-08 - Updated: 2024-11-08

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Cloud Pak System	Cloud Pak System versions 2.3.4.x antérieures à 2.3.4.1
IBM	VIOS	VIOS version 4.1 avec un fichier tcl.base versions antérieures à 8.6.10.1
IBM	Security QRadar EDR	Security QRadar EDR versions 3.12.x antérieures à 3.12.13
IBM	VIOS	VIOS version 4.1 avec un fichier python3.9.base versions antérieures à 3.9.20.0
IBM	AIX	AIX version 7.2 avec un fichier tcl.base versions antérieures à 8.6.10.1
IBM	AIX	AIX version 7.3 avec un fichier python3.9.base versions antérieures à 3.9.20.0
IBM	AIX	AIX version 7.3 avec un fichier tcl.base versions antérieures à 8.6.10.1
IBM	QRadar SIEM	QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP10 IF01
IBM	Cloud Pak System	Cloud Pak System versions 2.3.4.0 avec Db2 versions antérieures à 11.5.9 Special Build
IBM	Sterling Control Center	Sterling Control Center versions 6.3.1.x antérieures à 6.3.1.0 iFix03
IBM	VIOS	VIOS version 3.1 avec un fichier tcl.base versions antérieures à 8.6.10.1
IBM	Cloud Pak	Cloud Pak for Security versions antérieures à 1.10.27.0
IBM	Cloud Transformation Advisor	Cloud Transformation Advisor versions antérieures à 3.10.2
IBM	QRadar Suite Software	QRadar Suite Software versions antérieures à 1.10.27.0
IBM	Sterling Control Center	Sterling Control Center versions 6.2.1.x antérieures à 6.2.1.0 iFix14
IBM	QRadar Deployment Intelligence App	QRadar Deployment Intelligence App versions antérieures à 3.0.15

References

Title

Publication Time

FKIE_CVE-2024-25620

Vulnerability from fkie_nvd - Published: 2024-02-15 00:15 - Updated: 2025-01-09 13:55

Severity

6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503	Patch
security-advisories@github.com	https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503	Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r	Vendor Advisory

Impacted products

	Vendor	Product	Version
	helm	helm	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F972F64-42BF-48B2-AE0D-CCA34D9F7958",
              "versionEndExcluding": "3.14.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies."
    },
    {
      "lang": "es",
      "value": "Helm es una herramienta para gestionar gr\u00e1ficos. Los gr\u00e1ficos son paquetes de recursos de Kubernetes preconfigurados. Cuando se utiliza el cliente Helm o el SDK para guardar un gr\u00e1fico cuyo nombre dentro del archivo `Chart.yaml` incluye un cambio de ruta relativa, el gr\u00e1fico se guardar\u00e1 fuera de su directorio esperado en funci\u00f3n de los cambios en la ruta relativa. La validaci\u00f3n y el linting no detectaron los cambios de ruta en el nombre. Este problema se resolvi\u00f3 en Helm v3.14.1. Los usuarios que no puedan actualizar deben verificar todos los gr\u00e1ficos utilizados por Helm en busca de cambios de ruta en su nombre, como se encuentra en el archivo `Chart.yaml`. Esto incluye dependencias."
    }
  ],
  "id": "CVE-2024-25620",
  "lastModified": "2025-01-09T13:55:40.353",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 2.7,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-02-15T00:15:45.347",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-V53G-5GJP-272R

Vulnerability from github – Published: 2024-02-15 15:34 – Updated: 2024-02-15 15:34

Summary

Helm dependency management path traversal

Details

A Helm contributor discovered a path traversal vulnerability when Helm saves a chart including at download time.

Impact

When either the Helm client or SDK is used to save a chart whose name within the Chart.yaml file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name.

Patches

This issue has been resolved in Helm v3.14.1.

Workarounds

Check all charts used by Helm for path changes in their name as found in the Chart.yaml file. This includes dependencies.

Credits

Disclosed by Dominykas Blyžė at Nearform Ltd.

Severity

6.4 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.14.0"
      },
      "package": {
        "ecosystem": "Go",
        "name": "helm.sh/helm/v3"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.14.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-25620"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-23"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-15T15:34:40Z",
    "nvd_published_at": "2024-02-15T00:15:45Z",
    "severity": "MODERATE"
  },
  "details": "A Helm contributor discovered a path traversal vulnerability when Helm saves a chart including at download time.\n\n### Impact\n\nWhen either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name.\n\n### Patches\n\nThis issue has been resolved in Helm v3.14.1.\n\n### Workarounds\n\nCheck all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies.\n\n### Credits\n\nDisclosed by Dominykas Bly\u017e\u0117 at Nearform Ltd.",
  "id": "GHSA-v53g-5gjp-272r",
  "modified": "2024-02-15T15:34:40Z",
  "published": "2024-02-15T15:34:40Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25620"
    },
    {
      "type": "WEB",
      "url": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/helm/helm"
    },
    {
      "type": "WEB",
      "url": "https://github.com/helm/helm/releases/tag/v3.14.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Helm dependency management path traversal"
}

GSD-2024-25620

Vulnerability from gsd - Updated: 2024-02-09 06:02

Details

Aliases

CVE-2024-25620

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-25620"
      ],
      "details": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies.",
      "id": "GSD-2024-25620",
      "modified": "2024-02-09T06:02:34.388591Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2024-25620",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "helm",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "\u003c 3.14.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "helm"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-22",
                "lang": "eng",
                "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r",
            "refsource": "MISC",
            "url": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r"
          },
          {
            "name": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503",
            "refsource": "MISC",
            "url": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-v53g-5gjp-272r",
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies."
          }
        ],
        "id": "CVE-2024-25620",
        "lastModified": "2024-02-15T06:23:39.303",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 3.1,
              "impactScore": 2.7,
              "source": "security-advisories@github.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2024-02-15T00:15:45.347",
        "references": [
          {
            "source": "security-advisories@github.com",
            "url": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503"
          },
          {
            "source": "security-advisories@github.com",
            "url": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r"
          }
        ],
        "sourceIdentifier": "security-advisories@github.com",
        "vulnStatus": "Awaiting Analysis",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-22"
              }
            ],
            "source": "security-advisories@github.com",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

MSRC_CVE-2024-25620

Vulnerability from csaf_microsoft - Published: 2024-02-02 08:00 - Updated: 2026-02-18 14:40

Summary

Dependency management path traversal in helm

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

CVE-2024-25620

6.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 5 products

Product	Identifier	Version	Remediation
Unresolved product id: 17299-17086		—
Unresolved product id: 17768-17084		—
Unresolved product id: 17772-17084		—
Unresolved product id: 19817-17086		—
Unresolved product id: 17707-17084		—

Known affected 5 products

Product	Version	Remediation
Unresolved product id: 17086-5	—	Vendor Fix fix
Unresolved product id: 17084-3	—	Vendor Fix fix
Unresolved product id: 17084-2	—	Vendor Fix fix
Unresolved product id: 17086-1	—	Vendor Fix fix
Unresolved product id: 17084-4	—	Vendor Fix fix

References

4 references

URL	Category
https://msrc.microsoft.com/csaf/vex/2024/msrc_cve…	self
https://support.microsoft.com/lifecycle	external
https://www.first.org/cvss	external
https://msrc.microsoft.com/csaf/vex/2024/msrc_cve…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2024-25620 Dependency management path traversal in helm - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-25620.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Dependency management path traversal in helm",
    "tracking": {
      "current_release_date": "2026-02-18T14:40:29.000Z",
      "generator": {
        "date": "2026-02-21T03:40:00.362Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2024-25620",
      "initial_release_date": "2024-02-02T08:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-06-30T07:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        },
        {
          "date": "2024-08-18T00:00:00.000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Information published."
        },
        {
          "date": "2024-08-25T00:00:00.000Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Information published."
        },
        {
          "date": "2024-08-26T00:00:00.000Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Information published."
        },
        {
          "date": "2024-08-27T00:00:00.000Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Information published."
        },
        {
          "date": "2024-08-28T00:00:00.000Z",
          "legacy_version": "1.5",
          "number": "6",
          "summary": "Information published."
        },
        {
          "date": "2024-08-29T00:00:00.000Z",
          "legacy_version": "1.6",
          "number": "7",
          "summary": "Information published."
        },
        {
          "date": "2024-08-30T00:00:00.000Z",
          "legacy_version": "1.7",
          "number": "8",
          "summary": "Information published."
        },
        {
          "date": "2024-08-31T00:00:00.000Z",
          "legacy_version": "1.8",
          "number": "9",
          "summary": "Information published."
        },
        {
          "date": "2024-09-01T00:00:00.000Z",
          "legacy_version": "1.9",
          "number": "10",
          "summary": "Information published."
        },
        {
          "date": "2024-09-02T00:00:00.000Z",
          "legacy_version": "2",
          "number": "11",
          "summary": "Information published."
        },
        {
          "date": "2024-09-03T00:00:00.000Z",
          "legacy_version": "2.1",
          "number": "12",
          "summary": "Information published."
        },
        {
          "date": "2024-09-05T00:00:00.000Z",
          "legacy_version": "2.2",
          "number": "13",
          "summary": "Information published."
        },
        {
          "date": "2024-09-06T00:00:00.000Z",
          "legacy_version": "2.3",
          "number": "14",
          "summary": "Information published."
        },
        {
          "date": "2024-09-07T00:00:00.000Z",
          "legacy_version": "2.4",
          "number": "15",
          "summary": "Information published."
        },
        {
          "date": "2024-09-08T00:00:00.000Z",
          "legacy_version": "2.5",
          "number": "16",
          "summary": "Information published."
        },
        {
          "date": "2024-09-11T00:00:00.000Z",
          "legacy_version": "2.6",
          "number": "17",
          "summary": "Information published."
        },
        {
          "date": "2024-12-03T00:00:00.000Z",
          "legacy_version": "2.7",
          "number": "18",
          "summary": "Added cert-manager to CBL-Mariner 2.0\nAdded cert-manager to Azure Linux 3.0\nAdded helm to Azure Linux 3.0"
        },
        {
          "date": "2026-02-18T14:40:29.000Z",
          "legacy_version": "2.8",
          "number": "19",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "19"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "2.0",
                "product": {
                  "name": "CBL Mariner 2.0",
                  "product_id": "17086"
                }
              },
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 cert-manager 1.11.2-12",
                "product": {
                  "name": "\u003ccbl2 cert-manager 1.11.2-12",
                  "product_id": "5"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 cert-manager 1.11.2-12",
                "product": {
                  "name": "cbl2 cert-manager 1.11.2-12",
                  "product_id": "17299"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cazl3 cert-manager 1.12.12-2",
                "product": {
                  "name": "\u003cazl3 cert-manager 1.12.12-2",
                  "product_id": "2"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 cert-manager 1.12.12-2",
                "product": {
                  "name": "azl3 cert-manager 1.12.12-2",
                  "product_id": "17772"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 cert-manager 1.11.2-22",
                "product": {
                  "name": "\u003ccbl2 cert-manager 1.11.2-22",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 cert-manager 1.11.2-22",
                "product": {
                  "name": "cbl2 cert-manager 1.11.2-22",
                  "product_id": "19817"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cazl3 cert-manager 1.12.12-3",
                "product": {
                  "name": "\u003cazl3 cert-manager 1.12.12-3",
                  "product_id": "4"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 cert-manager 1.12.12-3",
                "product": {
                  "name": "azl3 cert-manager 1.12.12-3",
                  "product_id": "17707"
                }
              }
            ],
            "category": "product_name",
            "name": "cert-manager"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cazl3 helm 3.13.2-3",
                "product": {
                  "name": "\u003cazl3 helm 3.13.2-3",
                  "product_id": "3"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 helm 3.13.2-3",
                "product": {
                  "name": "azl3 helm 3.13.2-3",
                  "product_id": "17768"
                }
              }
            ],
            "category": "product_name",
            "name": "helm"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 cert-manager 1.11.2-12 as a component of CBL Mariner 2.0",
          "product_id": "17086-5"
        },
        "product_reference": "5",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 cert-manager 1.11.2-12 as a component of CBL Mariner 2.0",
          "product_id": "17299-17086"
        },
        "product_reference": "17299",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 helm 3.13.2-3 as a component of Azure Linux 3.0",
          "product_id": "17084-3"
        },
        "product_reference": "3",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 helm 3.13.2-3 as a component of Azure Linux 3.0",
          "product_id": "17768-17084"
        },
        "product_reference": "17768",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 cert-manager 1.12.12-2 as a component of Azure Linux 3.0",
          "product_id": "17084-2"
        },
        "product_reference": "2",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 cert-manager 1.12.12-2 as a component of Azure Linux 3.0",
          "product_id": "17772-17084"
        },
        "product_reference": "17772",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 cert-manager 1.11.2-22 as a component of CBL Mariner 2.0",
          "product_id": "17086-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 cert-manager 1.11.2-22 as a component of CBL Mariner 2.0",
          "product_id": "19817-17086"
        },
        "product_reference": "19817",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 cert-manager 1.12.12-3 as a component of Azure Linux 3.0",
          "product_id": "17084-4"
        },
        "product_reference": "4",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 cert-manager 1.12.12-3 as a component of Azure Linux 3.0",
          "product_id": "17707-17084"
        },
        "product_reference": "17707",
        "relates_to_product_reference": "17084"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-25620",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "general",
          "text": "GitHub_M",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "17299-17086",
          "17768-17084",
          "17772-17084",
          "19817-17086",
          "17707-17084"
        ],
        "known_affected": [
          "17086-5",
          "17084-3",
          "17084-2",
          "17086-1",
          "17084-4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25620 Dependency management path traversal in helm - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-25620.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-30T07:00:00.000Z",
          "details": "1.11.2-12:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17086-5",
            "17086-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        },
        {
          "category": "vendor_fix",
          "date": "2024-06-30T07:00:00.000Z",
          "details": "3.13.2-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17084-3"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        },
        {
          "category": "vendor_fix",
          "date": "2024-06-30T07:00:00.000Z",
          "details": "1.12.12-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17084-2",
            "17084-4"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalsScore": 0.0,
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "temporalScore": 6.4,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "17086-5",
            "17084-3",
            "17084-2",
            "17086-1",
            "17084-4"
          ]
        }
      ],
      "title": "Dependency management path traversal in helm"
    }
  ]
}

OPENSUSE-SU-2024:13714-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

helm-3.14.2-2.1 on GA media

Severity

Moderate

Notes

Title of the patch: helm-3.14.2-2.1 on GA media

Description of the patch: These are all security issues fixed in the helm-3.14.2-2.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-13714

CVE-2024-25620

6.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm-3.14.2-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-3.14.2-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-3.14.2-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-3.14.2-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

5 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2024-25620/	self
https://www.suse.com/security/cve/CVE-2024-25620	external
https://bugzilla.suse.com/1219969	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "helm-3.14.2-2.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the helm-3.14.2-2.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-13714",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13714-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-25620 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-25620/"
      }
    ],
    "title": "helm-3.14.2-2.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:13714-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "helm-3.14.2-2.1.aarch64",
                "product": {
                  "name": "helm-3.14.2-2.1.aarch64",
                  "product_id": "helm-3.14.2-2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "helm-bash-completion-3.14.2-2.1.aarch64",
                "product": {
                  "name": "helm-bash-completion-3.14.2-2.1.aarch64",
                  "product_id": "helm-bash-completion-3.14.2-2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "helm-fish-completion-3.14.2-2.1.aarch64",
                "product": {
                  "name": "helm-fish-completion-3.14.2-2.1.aarch64",
                  "product_id": "helm-fish-completion-3.14.2-2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "helm-zsh-completion-3.14.2-2.1.aarch64",
                "product": {
                  "name": "helm-zsh-completion-3.14.2-2.1.aarch64",
                  "product_id": "helm-zsh-completion-3.14.2-2.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "helm-3.14.2-2.1.ppc64le",
                "product": {
                  "name": "helm-3.14.2-2.1.ppc64le",
                  "product_id": "helm-3.14.2-2.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "helm-bash-completion-3.14.2-2.1.ppc64le",
                "product": {
                  "name": "helm-bash-completion-3.14.2-2.1.ppc64le",
                  "product_id": "helm-bash-completion-3.14.2-2.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "helm-fish-completion-3.14.2-2.1.ppc64le",
                "product": {
                  "name": "helm-fish-completion-3.14.2-2.1.ppc64le",
                  "product_id": "helm-fish-completion-3.14.2-2.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "helm-zsh-completion-3.14.2-2.1.ppc64le",
                "product": {
                  "name": "helm-zsh-completion-3.14.2-2.1.ppc64le",
                  "product_id": "helm-zsh-completion-3.14.2-2.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "helm-3.14.2-2.1.s390x",
                "product": {
                  "name": "helm-3.14.2-2.1.s390x",
                  "product_id": "helm-3.14.2-2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "helm-bash-completion-3.14.2-2.1.s390x",
                "product": {
                  "name": "helm-bash-completion-3.14.2-2.1.s390x",
                  "product_id": "helm-bash-completion-3.14.2-2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "helm-fish-completion-3.14.2-2.1.s390x",
                "product": {
                  "name": "helm-fish-completion-3.14.2-2.1.s390x",
                  "product_id": "helm-fish-completion-3.14.2-2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "helm-zsh-completion-3.14.2-2.1.s390x",
                "product": {
                  "name": "helm-zsh-completion-3.14.2-2.1.s390x",
                  "product_id": "helm-zsh-completion-3.14.2-2.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "helm-3.14.2-2.1.x86_64",
                "product": {
                  "name": "helm-3.14.2-2.1.x86_64",
                  "product_id": "helm-3.14.2-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "helm-bash-completion-3.14.2-2.1.x86_64",
                "product": {
                  "name": "helm-bash-completion-3.14.2-2.1.x86_64",
                  "product_id": "helm-bash-completion-3.14.2-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "helm-fish-completion-3.14.2-2.1.x86_64",
                "product": {
                  "name": "helm-fish-completion-3.14.2-2.1.x86_64",
                  "product_id": "helm-fish-completion-3.14.2-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "helm-zsh-completion-3.14.2-2.1.x86_64",
                "product": {
                  "name": "helm-zsh-completion-3.14.2-2.1.x86_64",
                  "product_id": "helm-zsh-completion-3.14.2-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-3.14.2-2.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-3.14.2-2.1.aarch64"
        },
        "product_reference": "helm-3.14.2-2.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-3.14.2-2.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-3.14.2-2.1.ppc64le"
        },
        "product_reference": "helm-3.14.2-2.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-3.14.2-2.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-3.14.2-2.1.s390x"
        },
        "product_reference": "helm-3.14.2-2.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-3.14.2-2.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-3.14.2-2.1.x86_64"
        },
        "product_reference": "helm-3.14.2-2.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-bash-completion-3.14.2-2.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.aarch64"
        },
        "product_reference": "helm-bash-completion-3.14.2-2.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-bash-completion-3.14.2-2.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.ppc64le"
        },
        "product_reference": "helm-bash-completion-3.14.2-2.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-bash-completion-3.14.2-2.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.s390x"
        },
        "product_reference": "helm-bash-completion-3.14.2-2.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-bash-completion-3.14.2-2.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.x86_64"
        },
        "product_reference": "helm-bash-completion-3.14.2-2.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-fish-completion-3.14.2-2.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.aarch64"
        },
        "product_reference": "helm-fish-completion-3.14.2-2.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-fish-completion-3.14.2-2.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.ppc64le"
        },
        "product_reference": "helm-fish-completion-3.14.2-2.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-fish-completion-3.14.2-2.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.s390x"
        },
        "product_reference": "helm-fish-completion-3.14.2-2.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-fish-completion-3.14.2-2.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.x86_64"
        },
        "product_reference": "helm-fish-completion-3.14.2-2.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-zsh-completion-3.14.2-2.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.aarch64"
        },
        "product_reference": "helm-zsh-completion-3.14.2-2.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-zsh-completion-3.14.2-2.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.ppc64le"
        },
        "product_reference": "helm-zsh-completion-3.14.2-2.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-zsh-completion-3.14.2-2.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.s390x"
        },
        "product_reference": "helm-zsh-completion-3.14.2-2.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm-zsh-completion-3.14.2-2.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.x86_64"
        },
        "product_reference": "helm-zsh-completion-3.14.2-2.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-25620",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-25620"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm-3.14.2-2.1.aarch64",
          "openSUSE Tumbleweed:helm-3.14.2-2.1.ppc64le",
          "openSUSE Tumbleweed:helm-3.14.2-2.1.s390x",
          "openSUSE Tumbleweed:helm-3.14.2-2.1.x86_64",
          "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.aarch64",
          "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.ppc64le",
          "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.s390x",
          "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.x86_64",
          "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.aarch64",
          "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.ppc64le",
          "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.s390x",
          "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.x86_64",
          "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.aarch64",
          "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.ppc64le",
          "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.s390x",
          "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-25620",
          "url": "https://www.suse.com/security/cve/CVE-2024-25620"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1219969 for CVE-2024-25620",
          "url": "https://bugzilla.suse.com/1219969"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm-3.14.2-2.1.aarch64",
            "openSUSE Tumbleweed:helm-3.14.2-2.1.ppc64le",
            "openSUSE Tumbleweed:helm-3.14.2-2.1.s390x",
            "openSUSE Tumbleweed:helm-3.14.2-2.1.x86_64",
            "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.aarch64",
            "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.ppc64le",
            "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.s390x",
            "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.x86_64",
            "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.aarch64",
            "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.ppc64le",
            "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.s390x",
            "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.x86_64",
            "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.aarch64",
            "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.ppc64le",
            "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.s390x",
            "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm-3.14.2-2.1.aarch64",
            "openSUSE Tumbleweed:helm-3.14.2-2.1.ppc64le",
            "openSUSE Tumbleweed:helm-3.14.2-2.1.s390x",
            "openSUSE Tumbleweed:helm-3.14.2-2.1.x86_64",
            "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.aarch64",
            "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.ppc64le",
            "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.s390x",
            "openSUSE Tumbleweed:helm-bash-completion-3.14.2-2.1.x86_64",
            "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.aarch64",
            "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.ppc64le",
            "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.s390x",
            "openSUSE Tumbleweed:helm-fish-completion-3.14.2-2.1.x86_64",
            "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.aarch64",
            "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.ppc64le",
            "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.s390x",
            "openSUSE Tumbleweed:helm-zsh-completion-3.14.2-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-25620"
    }
  ]
}

OPENSUSE-SU-2025:15779-1

Vulnerability from csaf_opensuse - Published: 2025-11-28 00:00 - Updated: 2025-11-28 00:00

Summary

helm3-3.19.2-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: helm3-3.19.2-1.1 on GA media

Description of the patch: These are all security issues fixed in the helm3-3.19.2-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2025-15779

CVE-2018-16873

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-16874

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2018-16875

5.9 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2021-21272

7.7 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-1996

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact critical

CVE-2022-23524

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-23525

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2022-23526

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2022-36055

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2023-25165

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2023-25173

5.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-25620

6.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-26147

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45337

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-45338

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-22870

4.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-22872

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-47911

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-53547

8.5 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-58190

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

70 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2018-16873/	self
https://www.suse.com/security/cve/CVE-2018-16874/	self
https://www.suse.com/security/cve/CVE-2018-16875/	self
https://www.suse.com/security/cve/CVE-2021-21272/	self
https://www.suse.com/security/cve/CVE-2022-1996/	self
https://www.suse.com/security/cve/CVE-2022-23524/	self
https://www.suse.com/security/cve/CVE-2022-23525/	self
https://www.suse.com/security/cve/CVE-2022-23526/	self
https://www.suse.com/security/cve/CVE-2022-36055/	self
https://www.suse.com/security/cve/CVE-2023-25165/	self
https://www.suse.com/security/cve/CVE-2023-25173/	self
https://www.suse.com/security/cve/CVE-2024-25620/	self
https://www.suse.com/security/cve/CVE-2024-26147/	self
https://www.suse.com/security/cve/CVE-2024-45337/	self
https://www.suse.com/security/cve/CVE-2024-45338/	self
https://www.suse.com/security/cve/CVE-2025-22870/	self
https://www.suse.com/security/cve/CVE-2025-22872/	self
https://www.suse.com/security/cve/CVE-2025-47911/	self
https://www.suse.com/security/cve/CVE-2025-53547/	self
https://www.suse.com/security/cve/CVE-2025-58190/	self
https://www.suse.com/security/cve/CVE-2018-16873	external
https://bugzilla.suse.com/1118897	external
https://bugzilla.suse.com/1118898	external
https://bugzilla.suse.com/1118899	external
https://www.suse.com/security/cve/CVE-2018-16874	external
https://bugzilla.suse.com/1118897	external
https://bugzilla.suse.com/1118898	external
https://bugzilla.suse.com/1118899	external
https://www.suse.com/security/cve/CVE-2018-16875	external
https://bugzilla.suse.com/1118897	external
https://bugzilla.suse.com/1118898	external
https://bugzilla.suse.com/1118899	external
https://www.suse.com/security/cve/CVE-2021-21272	external
https://bugzilla.suse.com/1181419	external
https://www.suse.com/security/cve/CVE-2022-1996	external
https://bugzilla.suse.com/1200528	external
https://www.suse.com/security/cve/CVE-2022-23524	external
https://bugzilla.suse.com/1206467	external
https://www.suse.com/security/cve/CVE-2022-23525	external
https://bugzilla.suse.com/1206469	external
https://www.suse.com/security/cve/CVE-2022-23526	external
https://bugzilla.suse.com/1206471	external
https://www.suse.com/security/cve/CVE-2022-36055	external
https://bugzilla.suse.com/1203054	external
https://www.suse.com/security/cve/CVE-2023-25165	external
https://bugzilla.suse.com/1208083	external
https://www.suse.com/security/cve/CVE-2023-25173	external
https://bugzilla.suse.com/1208426	external
https://bugzilla.suse.com/1215588	external
https://www.suse.com/security/cve/CVE-2024-25620	external
https://bugzilla.suse.com/1219969	external
https://www.suse.com/security/cve/CVE-2024-26147	external
https://bugzilla.suse.com/1220207	external
https://www.suse.com/security/cve/CVE-2024-45337	external
https://bugzilla.suse.com/1234482	external
https://www.suse.com/security/cve/CVE-2024-45338	external
https://bugzilla.suse.com/1234794	external
https://www.suse.com/security/cve/CVE-2025-22870	external
https://bugzilla.suse.com/1238572	external
https://bugzilla.suse.com/1238611	external
https://www.suse.com/security/cve/CVE-2025-22872	external
https://bugzilla.suse.com/1241710	external
https://www.suse.com/security/cve/CVE-2025-47911	external
https://bugzilla.suse.com/1251308	external
https://www.suse.com/security/cve/CVE-2025-53547	external
https://bugzilla.suse.com/1246150	external
https://www.suse.com/security/cve/CVE-2025-58190	external
https://bugzilla.suse.com/1251309	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "helm3-3.19.2-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the helm3-3.19.2-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-15779",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15779-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-16873 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-16873/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-16874 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-16874/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-16875 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-16875/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21272 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21272/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1996 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1996/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23524 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23524/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23525 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23525/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23526 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23526/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-36055 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-36055/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25165 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25165/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25173 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25173/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-25620 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-25620/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-26147 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-26147/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45337 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45337/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45338 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45338/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-22870 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-22870/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-22872 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-22872/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-47911 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-47911/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-53547 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-53547/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-58190 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-58190/"
      }
    ],
    "title": "helm3-3.19.2-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-11-28T00:00:00Z",
      "generator": {
        "date": "2025-11-28T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:15779-1",
      "initial_release_date": "2025-11-28T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-11-28T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "helm3-3.19.2-1.1.aarch64",
                "product": {
                  "name": "helm3-3.19.2-1.1.aarch64",
                  "product_id": "helm3-3.19.2-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "helm3-bash-completion-3.19.2-1.1.aarch64",
                "product": {
                  "name": "helm3-bash-completion-3.19.2-1.1.aarch64",
                  "product_id": "helm3-bash-completion-3.19.2-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "helm3-fish-completion-3.19.2-1.1.aarch64",
                "product": {
                  "name": "helm3-fish-completion-3.19.2-1.1.aarch64",
                  "product_id": "helm3-fish-completion-3.19.2-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "helm3-zsh-completion-3.19.2-1.1.aarch64",
                "product": {
                  "name": "helm3-zsh-completion-3.19.2-1.1.aarch64",
                  "product_id": "helm3-zsh-completion-3.19.2-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "helm3-3.19.2-1.1.ppc64le",
                "product": {
                  "name": "helm3-3.19.2-1.1.ppc64le",
                  "product_id": "helm3-3.19.2-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "helm3-bash-completion-3.19.2-1.1.ppc64le",
                "product": {
                  "name": "helm3-bash-completion-3.19.2-1.1.ppc64le",
                  "product_id": "helm3-bash-completion-3.19.2-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "helm3-fish-completion-3.19.2-1.1.ppc64le",
                "product": {
                  "name": "helm3-fish-completion-3.19.2-1.1.ppc64le",
                  "product_id": "helm3-fish-completion-3.19.2-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "helm3-zsh-completion-3.19.2-1.1.ppc64le",
                "product": {
                  "name": "helm3-zsh-completion-3.19.2-1.1.ppc64le",
                  "product_id": "helm3-zsh-completion-3.19.2-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "helm3-3.19.2-1.1.s390x",
                "product": {
                  "name": "helm3-3.19.2-1.1.s390x",
                  "product_id": "helm3-3.19.2-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "helm3-bash-completion-3.19.2-1.1.s390x",
                "product": {
                  "name": "helm3-bash-completion-3.19.2-1.1.s390x",
                  "product_id": "helm3-bash-completion-3.19.2-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "helm3-fish-completion-3.19.2-1.1.s390x",
                "product": {
                  "name": "helm3-fish-completion-3.19.2-1.1.s390x",
                  "product_id": "helm3-fish-completion-3.19.2-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "helm3-zsh-completion-3.19.2-1.1.s390x",
                "product": {
                  "name": "helm3-zsh-completion-3.19.2-1.1.s390x",
                  "product_id": "helm3-zsh-completion-3.19.2-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "helm3-3.19.2-1.1.x86_64",
                "product": {
                  "name": "helm3-3.19.2-1.1.x86_64",
                  "product_id": "helm3-3.19.2-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "helm3-bash-completion-3.19.2-1.1.x86_64",
                "product": {
                  "name": "helm3-bash-completion-3.19.2-1.1.x86_64",
                  "product_id": "helm3-bash-completion-3.19.2-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "helm3-fish-completion-3.19.2-1.1.x86_64",
                "product": {
                  "name": "helm3-fish-completion-3.19.2-1.1.x86_64",
                  "product_id": "helm3-fish-completion-3.19.2-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "helm3-zsh-completion-3.19.2-1.1.x86_64",
                "product": {
                  "name": "helm3-zsh-completion-3.19.2-1.1.x86_64",
                  "product_id": "helm3-zsh-completion-3.19.2-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-3.19.2-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64"
        },
        "product_reference": "helm3-3.19.2-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-3.19.2-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le"
        },
        "product_reference": "helm3-3.19.2-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-3.19.2-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x"
        },
        "product_reference": "helm3-3.19.2-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-3.19.2-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64"
        },
        "product_reference": "helm3-3.19.2-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-bash-completion-3.19.2-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64"
        },
        "product_reference": "helm3-bash-completion-3.19.2-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-bash-completion-3.19.2-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le"
        },
        "product_reference": "helm3-bash-completion-3.19.2-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-bash-completion-3.19.2-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x"
        },
        "product_reference": "helm3-bash-completion-3.19.2-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-bash-completion-3.19.2-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64"
        },
        "product_reference": "helm3-bash-completion-3.19.2-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-fish-completion-3.19.2-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64"
        },
        "product_reference": "helm3-fish-completion-3.19.2-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-fish-completion-3.19.2-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le"
        },
        "product_reference": "helm3-fish-completion-3.19.2-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-fish-completion-3.19.2-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x"
        },
        "product_reference": "helm3-fish-completion-3.19.2-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-fish-completion-3.19.2-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64"
        },
        "product_reference": "helm3-fish-completion-3.19.2-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-zsh-completion-3.19.2-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64"
        },
        "product_reference": "helm3-zsh-completion-3.19.2-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-zsh-completion-3.19.2-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le"
        },
        "product_reference": "helm3-zsh-completion-3.19.2-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-zsh-completion-3.19.2-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x"
        },
        "product_reference": "helm3-zsh-completion-3.19.2-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "helm3-zsh-completion-3.19.2-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        },
        "product_reference": "helm3-zsh-completion-3.19.2-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-16873",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-16873"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it\u0027s possible to arrange things so that a Git repository is cloned to a folder named \".git\" by using a vanity import path that ends with \"/.git\". If the Git repository root contains a \"HEAD\" file, a \"config\" file, an \"objects\" directory, a \"refs\" directory, with some work to ensure the proper ordering of operations, \"go get -u\" can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the \"config\" file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running \"go get -u\".",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-16873",
          "url": "https://www.suse.com/security/cve/CVE-2018-16873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1118897 for CVE-2018-16873",
          "url": "https://bugzilla.suse.com/1118897"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1118898 for CVE-2018-16873",
          "url": "https://bugzilla.suse.com/1118898"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1118899 for CVE-2018-16873",
          "url": "https://bugzilla.suse.com/1118899"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-16873"
    },
    {
      "cve": "CVE-2018-16874",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-16874"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both \u0027{\u0027 and \u0027}\u0027 characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-16874",
          "url": "https://www.suse.com/security/cve/CVE-2018-16874"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1118897 for CVE-2018-16874",
          "url": "https://bugzilla.suse.com/1118897"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1118898 for CVE-2018-16874",
          "url": "https://bugzilla.suse.com/1118898"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1118899 for CVE-2018-16874",
          "url": "https://bugzilla.suse.com/1118899"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-16874"
    },
    {
      "cve": "CVE-2018-16875",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-16875"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-16875",
          "url": "https://www.suse.com/security/cve/CVE-2018-16875"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1118897 for CVE-2018-16875",
          "url": "https://bugzilla.suse.com/1118897"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1118898 for CVE-2018-16875",
          "url": "https://bugzilla.suse.com/1118898"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1118899 for CVE-2018-16875",
          "url": "https://bugzilla.suse.com/1118899"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-16875"
    },
    {
      "cve": "CVE-2021-21272",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21272"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a \"zip-slip\" vulnerability. The directory support feature allows the downloaded gzipped tarballs to be automatically extracted to the user-specified directory where the tarball can have symbolic links and hard links. A well-crafted tarball or tarballs allow malicious artifact providers linking, writing, or overwriting specific files on the host filesystem outside of the user-specified directory unexpectedly with the same permissions as the user who runs `oras pull`. Users of the affected versions are impacted if they are `oras` CLI users who runs `oras pull`, or if they are Go programs, which invoke `github.com/deislabs/oras/pkg/content.FileStore`. The problem has been fixed in version 0.9.0. For `oras` CLI users, there is no workarounds other than pulling from a trusted artifact provider. For `oras` package users, the workaround is to not use `github.com/deislabs/oras/pkg/content.FileStore`, and use other content stores instead, or pull from a trusted artifact provider.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21272",
          "url": "https://www.suse.com/security/cve/CVE-2021-21272"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1181419 for CVE-2021-21272",
          "url": "https://bugzilla.suse.com/1181419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21272"
    },
    {
      "cve": "CVE-2022-1996",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1996"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1996",
          "url": "https://www.suse.com/security/cve/CVE-2022-1996"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200528 for CVE-2022-1996",
          "url": "https://bugzilla.suse.com/1200528"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-1996"
    },
    {
      "cve": "CVE-2022-23524",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23524"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to Uncontrolled Resource Consumption, resulting in Denial of Service. Input to functions in the _strvals_ package can cause a stack overflow. In Go, a stack overflow cannot be recovered from. Applications that use functions from the _strvals_ package in the Helm SDK can have a Denial of Service attack when they use this package and it panics. This issue has been patched in 3.10.3. SDK users can validate strings supplied by users won\u0027t create large arrays causing significant memory usage before passing them to the _strvals_ functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23524",
          "url": "https://www.suse.com/security/cve/CVE-2022-23524"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206467 for CVE-2022-23524",
          "url": "https://bugzilla.suse.com/1206467"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-23524"
    },
    {
      "cve": "CVE-2022-23525",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23525"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the _repo_package. The _repo_ package contains a handler that processes the index file of a repository. For example, the Helm client adds references to chart repositories where charts are managed. The _repo_ package parses the index file of the repository and loads it into structures Go can work with. Some index files can cause array data structures to be created causing a memory violation. Applications that use the _repo_ package in the Helm SDK to parse an index file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. The Helm Client will panic with an index file that causes a memory violation panic. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate index files that are correctly formatted before passing them to the _repo_ functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23525",
          "url": "https://www.suse.com/security/cve/CVE-2022-23525"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206469 for CVE-2022-23525",
          "url": "https://bugzilla.suse.com/1206469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-23525"
    },
    {
      "cve": "CVE-2022-23526",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23526"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the_chartutil_ package that can cause a segmentation violation. The _chartutil_ package contains a parser that loads a JSON Schema validation file. For example, the Helm client when rendering a chart will validate its values with the schema file. The _chartutil_ package parses the schema file and loads it into structures Go can work with. Some schema files can cause array data structures to be created causing a memory violation. Applications that use the _chartutil_ package in the Helm SDK to parse a schema file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate schema files that are correctly formatted before passing them to the _chartutil_ functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23526",
          "url": "https://www.suse.com/security/cve/CVE-2022-23526"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206471 for CVE-2022-23526",
          "url": "https://bugzilla.suse.com/1206471"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-23526"
    },
    {
      "cve": "CVE-2022-36055",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-36055"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. Fuzz testing, provided by the CNCF, identified input to functions in the _strvals_ package that can cause an out of memory panic. The _strvals_ package contains a parser that turns strings in to Go structures. The _strvals_ package converts these strings into structures Go can work with. Some string inputs can cause array data structures to be created causing an out of memory panic. Applications that use the _strvals_ package in the Helm SDK to parse user supplied input can suffer a Denial of Service when that input causes a panic that cannot be recovered from. The Helm Client will panic with input to `--set`, `--set-string`, and other value setting flags that causes an out of memory panic. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been resolved in 3.9.4. SDK users can validate strings supplied by users won\u0027t create large arrays causing significant memory usage before passing them to the _strvals_ functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-36055",
          "url": "https://www.suse.com/security/cve/CVE-2022-36055"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203054 for CVE-2022-36055",
          "url": "https://bugzilla.suse.com/1203054"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-36055"
    },
    {
      "cve": "CVE-2023-25165",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25165"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Helm is a tool that streamlines installing and managing Kubernetes applications.`getHostByName` is a Helm template function introduced in Helm v3. The function is able to accept a hostname and return an IP address for that hostname. To get the IP address the function performs a DNS lookup. The DNS lookup happens when used with `helm install|upgrade|template` or when the Helm SDK is used to render a chart. Information passed into the chart can be disclosed to the DNS servers used to lookup the IP address. For example, a malicious chart could inject `getHostByName` into a chart in order to disclose values to a malicious DNS server. The issue has been fixed in Helm 3.11.1. Prior to using a chart with Helm verify the `getHostByName` function is not being used in a template to disclose any information you do not want passed to DNS servers.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25165",
          "url": "https://www.suse.com/security/cve/CVE-2023-25165"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208083 for CVE-2023-25165",
          "url": "https://bugzilla.suse.com/1208083"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-25165"
    },
    {
      "cve": "CVE-2023-25173",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25173"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well.\n\nThis bug has been fixed in containerd v1.6.18 and v.1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd\u0027s client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `\"USER $USERNAME\"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT [\"su\", \"-\", \"user\"]` to allow `su` to properly set up supplementary groups.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25173",
          "url": "https://www.suse.com/security/cve/CVE-2023-25173"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208426 for CVE-2023-25173",
          "url": "https://bugzilla.suse.com/1208426"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215588 for CVE-2023-25173",
          "url": "https://bugzilla.suse.com/1215588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-25173"
    },
    {
      "cve": "CVE-2024-25620",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-25620"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-25620",
          "url": "https://www.suse.com/security/cve/CVE-2024-25620"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1219969 for CVE-2024-25620",
          "url": "https://bugzilla.suse.com/1219969"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-25620"
    },
    {
      "cve": "CVE-2024-26147",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-26147"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an `index.yaml` file or a plugins `plugin.yaml` file were missing all metadata a panic would occur in Helm. In the Helm SDK, this is found when using the `LoadIndexFile` or `DownloadIndexFile` functions in the `repo` package or the `LoadDir` function in the `plugin` package. For the Helm client this impacts functions around adding a repository and all Helm functions if a malicious plugin is added as Helm inspects all known plugins on each invocation. This issue has been resolved in Helm v3.14.2. If a malicious plugin has been added which is causing all Helm client commands to panic, the malicious plugin can be manually removed from the filesystem. If using Helm SDK versions prior to 3.14.2, calls to affected functions can use `recover` to catch the panic.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-26147",
          "url": "https://www.suse.com/security/cve/CVE-2024-26147"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220207 for CVE-2024-26147",
          "url": "https://bugzilla.suse.com/1220207"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-26147"
    },
    {
      "cve": "CVE-2024-45337",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45337"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45337",
          "url": "https://www.suse.com/security/cve/CVE-2024-45337"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234482 for CVE-2024-45337",
          "url": "https://bugzilla.suse.com/1234482"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-45337"
    },
    {
      "cve": "CVE-2024-45338",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45338"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45338",
          "url": "https://www.suse.com/security/cve/CVE-2024-45338"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234794 for CVE-2024-45338",
          "url": "https://bugzilla.suse.com/1234794"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45338"
    },
    {
      "cve": "CVE-2025-22870",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-22870"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-22870",
          "url": "https://www.suse.com/security/cve/CVE-2025-22870"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238572 for CVE-2025-22870",
          "url": "https://bugzilla.suse.com/1238572"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238611 for CVE-2025-22870",
          "url": "https://bugzilla.suse.com/1238611"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-22870"
    },
    {
      "cve": "CVE-2025-22872",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-22872"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-22872",
          "url": "https://www.suse.com/security/cve/CVE-2025-22872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241710 for CVE-2025-22872",
          "url": "https://bugzilla.suse.com/1241710"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-22872"
    },
    {
      "cve": "CVE-2025-47911",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-47911"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "unknown",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-47911",
          "url": "https://www.suse.com/security/cve/CVE-2025-47911"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1251308 for CVE-2025-47911",
          "url": "https://bugzilla.suse.com/1251308"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-47911"
    },
    {
      "cve": "CVE-2025-53547",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-53547"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependencies are updated and this file is written, can be crafted in a way that can cause execution if that same content were in a file that is executed (e.g., a bash.rc file or shell script). If the Chart.lock file is symlinked to one of these files updating dependencies will write the lock file content to the symlinked file. This can lead to unwanted execution. Helm warns of the symlinked file but did not stop execution due to symlinking. This issue has been resolved in Helm v3.18.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-53547",
          "url": "https://www.suse.com/security/cve/CVE-2025-53547"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1246150 for CVE-2025-53547",
          "url": "https://bugzilla.suse.com/1246150"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-53547"
    },
    {
      "cve": "CVE-2025-58190",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-58190"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "unknown",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
          "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-58190",
          "url": "https://www.suse.com/security/cve/CVE-2025-58190"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1251309 for CVE-2025-58190",
          "url": "https://bugzilla.suse.com/1251309"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
            "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-28T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-58190"
    }
  ]
}

RHSA-2024:1255

Vulnerability from csaf_redhat - Published: 2024-03-19 00:19 - Updated: 2026-04-30 13:22

Summary

Red Hat Security Advisory: OpenShift Container Platform 4.15.3 bug fix and security update

Severity

Moderate

Notes

Topic: Red Hat OpenShift Container Platform release 4.15.3 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.15.3. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHBA-2024:1258 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.15/release_notes/ocp-4-15-release-notes.html Security Fix(es): * helm: Dependency management path traversal (CVE-2024-25620) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All OpenShift Container Platform 4.15 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.15/updating/updating_a_cluster/updating-cluster-cli.html

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2024-25620

A path traversal vulnerability was found in Helm when it saved a chart including download time. When either the Helm client or SDK is used to save a chart whose name is within the Chart.yaml file and includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name.

6.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:233187f8bf152f98cec72512273bf25906ffedbeeeb6bb1a288155707c491dc4_arm64	—	Vendor Fix fix
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:2f28f6449947d6a61a89aba51015d032426ede3518e7fa3a9c2adcbc92f7d02a_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:327c93cc4b860215ff3eab3561d60ff0fc1be9e5c2d1db9ce3832306018617b4_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:6f398424939e059aeb27ed3178dfc3374a41ffa40b423c2393cbdc6f64ecc965_s390x	—	Vendor Fix fix

Known not affected 48 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:17ace1adf247a7db77b4efe82550b78a8cac86e4c3b013dba7f40dab24339811_s390x		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:9a2e21c79384af07625ee3633ffe4a5062bd40fc79514ad53fcb732c31f9b3f7_amd64		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:a0426d394fc3c761095ba0a5a950a848a6e28b29a30a028671451d919f6f28f5_arm64		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:c7ae92bf193aae8ff3e5069a9a02f2ee1102022e19d95e0dea95e53d758097d5_ppc64le		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:070f454594088d457a23b131f8e6449e0f71fa91679198d9f0a5c5e83a6bb188_s390x		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:2bff65ef9bd4f321ffdccf569772dd48ee84b9b74d8a00313037884d969eed6b_amd64		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:8d8f74b111ba028ed2a6689dd88ac0a5b17deb04e5a967a95a13a50c5370a7aa_ppc64le		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:fce9b8f74f4aba59a0bfb1a8f29859d5c820da9503209bdcc3ccd48be84c16ba_arm64		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-console@sha256:12d6f3d7e2805fb5992778a0aee0541fc3865dadae1c3a0fc62f3d9c032c259c_arm64		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-console@sha256:3ac3fe5acafec2f6c6e01ef78b4bf32ee4dfdf4f8b811c1be15461e0b6df83df_amd64		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-console@sha256:b26146adbb150acabea098b6724054bc8ed4bc6e75cc08764f6aea855c0b8e08_s390x		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-console@sha256:e2c3a4477638754a138f8554a45e7b4158978363350bbfe5c6d96cd813ff8d73_ppc64le		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:2cc3174c2541912cfcadcd8ade47363aa75d4fb80f1a0b712d88ad9fd11eea97_ppc64le		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:98c49783da2d3c39a9ed52fa0d6acc733533c2289f8515d4c448d934d142f6ee_arm64		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:a332609763a558eeae79bcac4bfd208fe444008c699c9890b8341956f4085e71_amd64		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:e0648d8cc1ee89c9378f67c0caf0b15c788094dc7f32d64bc0841f1653d1128b_s390x		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-tests@sha256:01e5331395b8eb7ccbf4d180aba82fe8d14d9f512ad1924199bc675ab78a2899_amd64		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-tests@sha256:727a08dcaa3bd082b93a5d841a4388d4e60725aeec95962717f7cd5a54b90279_s390x		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-tests@sha256:9ceb22a5aa3ad1da243a42e28ffb91c7e08cfd0b05e7df7d295abb33f956c952_ppc64le		—
Unresolved product id: 8Base-RHOSE-4.15:openshift4/ose-tests@sha256:a0fb1c3965fd4dbd7ca8e54e2ae09337548e60465b6006da50c8a223afc51f55_arm64		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7e827cd3b4c471c8358ba48889091d27570ff677a4694bb97c4b729958b7aa69_arm64		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:88bcc7f5cc252d66079ee7c4ba610910e8ad96c24f22f704977bb835933f3019_ppc64le		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:c7805561da209665f1dbc9b97d96f710871b067ed349696d90f79d01665e6246_s390x		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:dc3bd18e5efd55497be564ae42a9452195ac7624ae9909ccbd5bf7cd383d1ad7_amd64		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:67fcbb5bbe11d0c676e535ee83a747c27650abda00eca9cb161bb682628b5022_ppc64le		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:73e86d314d4ec1e5ad0a913dd44a627c15fdc0c62c36a792851bee55c09d8771_amd64		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:7496a932300c7f7834b0234c5683dca210b3d160c1c30047daf1c9467bf9c078_arm64		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:ce94941d4a1eec73f690087fbabce95ea1a9a51f737e40719dd0e56321f955ad_s390x		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:139132fca36a9dd8ea76d35a380f196ca68493f50a015b4a6fa1041fd8c7ee0a_ppc64le		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:691aed5a56f2f1e2eb6f6d19b6396feacf21e4eb75acb15045a1f2da2acc6f79_amd64		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:a06bec747e5acc847d8b7faec047cded9de6a99859bd42fda5c23e054e87b37f_s390x		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:ede27fe3d22d34edf0900d7eac05082aac0427c85022be6221f816f5c9be4292_arm64		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:6ed9a16e0777786d589864dc3adacf9a37987c4b24f06b7972b7bf6d7e3b8b0c_ppc64le		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:9c7c8f54f8a6f04da55322223b214720f88d49fed6e3cdcd958e334ac8d14fa4_amd64		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:aa9d4271e65286c60578ce2e3940071b1379e75a896dba40774163584bab0d5d_arm64		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:e354eaee38e6ee546a01812be7662cfe6fb7039b818428dc1f5671193b4c35f6_s390x		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:283b2c4aea7a3030e09d08b150a515f4bb232fbc07f1d960811e665d8fd29802_ppc64le		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:47cd7555c6f9a54b1f075bfc0e0f9256fbaaf01173794d20fab92508e876fd48_s390x		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:d152617edada2d9b9ee5e5f38ac32b44c25fd49932678d6d4c3c18d63242485f_arm64		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:e69ccab31cccae506a7ed7518026b0481ca039d748cb1b240556a3d1acfcdb35_amd64		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:1c1a66a2de15c279d1356870e2934e9753a7f8e86f7e9497d4272aac15709de9_ppc64le		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:35d6d28b89a1d5204c42ed11541e267a3876af37b811c0e926ea615f66369668_arm64		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:986b1a18efc4f960b23c38b8a6adb588dc1d52cc31be749513cc7d799949481e_s390x		—
Unresolved product id: 9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:f54f897d081552e34679f95efa4627de2b5217232dcfe12d478f02815bb702e9_amd64		—
Unresolved product id: 9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_aarch64		—
Unresolved product id: 9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_ppc64le		—
Unresolved product id: 9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_s390x		—
Unresolved product id: 9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_x86_64		—

Threats

Impact Moderate

References

16 references

URL	Category
https://access.redhat.com/errata/RHSA-2024:1255	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2264336	external
https://issues.redhat.com/browse/OCPBUGS-24086	external
https://issues.redhat.com/browse/OCPBUGS-25831	external
https://issues.redhat.com/browse/OCPBUGS-29080	external
https://issues.redhat.com/browse/OCPBUGS-29661	external
https://issues.redhat.com/browse/OCPBUGS-30189	external
https://issues.redhat.com/browse/OCPBUGS-30412	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2024-25620	self
https://bugzilla.redhat.com/show_bug.cgi?id=2264336	external
https://www.cve.org/CVERecord?id=CVE-2024-25620	external
https://nvd.nist.gov/vuln/detail/CVE-2024-25620	external
https://github.com/helm/helm/commit/0d0f91d1ce277…	external
https://github.com/helm/helm/security/advisories/…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Container Platform release 4.15.3 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.15.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.15.3. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHBA-2024:1258\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.15/release_notes/ocp-4-15-release-notes.html\n\nSecurity Fix(es):\n\n* helm: Dependency management path traversal (CVE-2024-25620)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.15/updating/updating_a_cluster/updating-cluster-cli.html",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:1255",
        "url": "https://access.redhat.com/errata/RHSA-2024:1255"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2264336",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264336"
      },
      {
        "category": "external",
        "summary": "OCPBUGS-24086",
        "url": "https://issues.redhat.com/browse/OCPBUGS-24086"
      },
      {
        "category": "external",
        "summary": "OCPBUGS-25831",
        "url": "https://issues.redhat.com/browse/OCPBUGS-25831"
      },
      {
        "category": "external",
        "summary": "OCPBUGS-29080",
        "url": "https://issues.redhat.com/browse/OCPBUGS-29080"
      },
      {
        "category": "external",
        "summary": "OCPBUGS-29661",
        "url": "https://issues.redhat.com/browse/OCPBUGS-29661"
      },
      {
        "category": "external",
        "summary": "OCPBUGS-30189",
        "url": "https://issues.redhat.com/browse/OCPBUGS-30189"
      },
      {
        "category": "external",
        "summary": "OCPBUGS-30412",
        "url": "https://issues.redhat.com/browse/OCPBUGS-30412"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1255.json"
      }
    ],
    "title": "Red Hat Security Advisory: OpenShift Container Platform 4.15.3 bug fix and security update",
    "tracking": {
      "current_release_date": "2026-04-30T13:22:29+00:00",
      "generator": {
        "date": "2026-04-30T13:22:29+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.7"
        }
      },
      "id": "RHSA-2024:1255",
      "initial_release_date": "2024-03-19T00:19:06+00:00",
      "revision_history": [
        {
          "date": "2024-03-19T00:19:06+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-03-19T00:19:06+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-04-30T13:22:29+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Container Platform 4.15",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.15",
                  "product_id": "9Base-RHOSE-4.15",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:4.15::el9"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Container Platform 4.15",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.15",
                  "product_id": "8Base-RHOSE-4.15",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:4.15::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7e827cd3b4c471c8358ba48889091d27570ff677a4694bb97c4b729958b7aa69_arm64",
                "product": {
                  "name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7e827cd3b4c471c8358ba48889091d27570ff677a4694bb97c4b729958b7aa69_arm64",
                  "product_id": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7e827cd3b4c471c8358ba48889091d27570ff677a4694bb97c4b729958b7aa69_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-node-tuning-rhel9-operator@sha256:7e827cd3b4c471c8358ba48889091d27570ff677a4694bb97c4b729958b7aa69?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-rhel9-operator\u0026tag=v4.15.0-202403071909.p0.gfc57075.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-console@sha256:12d6f3d7e2805fb5992778a0aee0541fc3865dadae1c3a0fc62f3d9c032c259c_arm64",
                "product": {
                  "name": "openshift4/ose-console@sha256:12d6f3d7e2805fb5992778a0aee0541fc3865dadae1c3a0fc62f3d9c032c259c_arm64",
                  "product_id": "openshift4/ose-console@sha256:12d6f3d7e2805fb5992778a0aee0541fc3865dadae1c3a0fc62f3d9c032c259c_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-console@sha256:12d6f3d7e2805fb5992778a0aee0541fc3865dadae1c3a0fc62f3d9c032c259c?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.15.0-202403072108.p0.g3ba6e63.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-hyperkube-rhel9@sha256:7496a932300c7f7834b0234c5683dca210b3d160c1c30047daf1c9467bf9c078_arm64",
                "product": {
                  "name": "openshift4/ose-hyperkube-rhel9@sha256:7496a932300c7f7834b0234c5683dca210b3d160c1c30047daf1c9467bf9c078_arm64",
                  "product_id": "openshift4/ose-hyperkube-rhel9@sha256:7496a932300c7f7834b0234c5683dca210b3d160c1c30047daf1c9467bf9c078_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-hyperkube-rhel9@sha256:7496a932300c7f7834b0234c5683dca210b3d160c1c30047daf1c9467bf9c078?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube-rhel9\u0026tag=v4.15.0-202403071708.p0.g6e2789b.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-pod-rhel9@sha256:d152617edada2d9b9ee5e5f38ac32b44c25fd49932678d6d4c3c18d63242485f_arm64",
                "product": {
                  "name": "openshift4/ose-pod-rhel9@sha256:d152617edada2d9b9ee5e5f38ac32b44c25fd49932678d6d4c3c18d63242485f_arm64",
                  "product_id": "openshift4/ose-pod-rhel9@sha256:d152617edada2d9b9ee5e5f38ac32b44c25fd49932678d6d4c3c18d63242485f_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-pod-rhel9@sha256:d152617edada2d9b9ee5e5f38ac32b44c25fd49932678d6d4c3c18d63242485f?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-pod-rhel9\u0026tag=v4.15.0-202403071708.p0.g6e2789b.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-tests@sha256:a0fb1c3965fd4dbd7ca8e54e2ae09337548e60465b6006da50c8a223afc51f55_arm64",
                "product": {
                  "name": "openshift4/ose-tests@sha256:a0fb1c3965fd4dbd7ca8e54e2ae09337548e60465b6006da50c8a223afc51f55_arm64",
                  "product_id": "openshift4/ose-tests@sha256:a0fb1c3965fd4dbd7ca8e54e2ae09337548e60465b6006da50c8a223afc51f55_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-tests@sha256:a0fb1c3965fd4dbd7ca8e54e2ae09337548e60465b6006da50c8a223afc51f55?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.15.0-202403082308.p0.gd68c509.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cloud-credential-operator@sha256:a0426d394fc3c761095ba0a5a950a848a6e28b29a30a028671451d919f6f28f5_arm64",
                "product": {
                  "name": "openshift4/ose-cloud-credential-operator@sha256:a0426d394fc3c761095ba0a5a950a848a6e28b29a30a028671451d919f6f28f5_arm64",
                  "product_id": "openshift4/ose-cloud-credential-operator@sha256:a0426d394fc3c761095ba0a5a950a848a6e28b29a30a028671451d919f6f28f5_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cloud-credential-operator@sha256:a0426d394fc3c761095ba0a5a950a848a6e28b29a30a028671451d919f6f28f5?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cloud-credential-operator\u0026tag=v4.15.0-202403071909.p0.g06a4294.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-olm-operator-rhel8@sha256:fce9b8f74f4aba59a0bfb1a8f29859d5c820da9503209bdcc3ccd48be84c16ba_arm64",
                "product": {
                  "name": "openshift4/ose-cluster-olm-operator-rhel8@sha256:fce9b8f74f4aba59a0bfb1a8f29859d5c820da9503209bdcc3ccd48be84c16ba_arm64",
                  "product_id": "openshift4/ose-cluster-olm-operator-rhel8@sha256:fce9b8f74f4aba59a0bfb1a8f29859d5c820da9503209bdcc3ccd48be84c16ba_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-olm-operator-rhel8@sha256:fce9b8f74f4aba59a0bfb1a8f29859d5c820da9503209bdcc3ccd48be84c16ba?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-olm-operator-rhel8\u0026tag=v4.15.0-202403081338.p0.ga7ba898.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-hypershift-rhel9@sha256:ede27fe3d22d34edf0900d7eac05082aac0427c85022be6221f816f5c9be4292_arm64",
                "product": {
                  "name": "openshift4/ose-hypershift-rhel9@sha256:ede27fe3d22d34edf0900d7eac05082aac0427c85022be6221f816f5c9be4292_arm64",
                  "product_id": "openshift4/ose-hypershift-rhel9@sha256:ede27fe3d22d34edf0900d7eac05082aac0427c85022be6221f816f5c9be4292_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-hypershift-rhel9@sha256:ede27fe3d22d34edf0900d7eac05082aac0427c85022be6221f816f5c9be4292?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-hypershift-rhel9\u0026tag=v4.15.0-202403071909.p0.g4f6c741.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-machine-config-operator@sha256:98c49783da2d3c39a9ed52fa0d6acc733533c2289f8515d4c448d934d142f6ee_arm64",
                "product": {
                  "name": "openshift4/ose-machine-config-operator@sha256:98c49783da2d3c39a9ed52fa0d6acc733533c2289f8515d4c448d934d142f6ee_arm64",
                  "product_id": "openshift4/ose-machine-config-operator@sha256:98c49783da2d3c39a9ed52fa0d6acc733533c2289f8515d4c448d934d142f6ee_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-machine-config-operator@sha256:98c49783da2d3c39a9ed52fa0d6acc733533c2289f8515d4c448d934d142f6ee?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.15.0-202403111711.p0.gb693d2f.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-sdn-rhel9@sha256:35d6d28b89a1d5204c42ed11541e267a3876af37b811c0e926ea615f66369668_arm64",
                "product": {
                  "name": "openshift4/ose-sdn-rhel9@sha256:35d6d28b89a1d5204c42ed11541e267a3876af37b811c0e926ea615f66369668_arm64",
                  "product_id": "openshift4/ose-sdn-rhel9@sha256:35d6d28b89a1d5204c42ed11541e267a3876af37b811c0e926ea615f66369668_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-sdn-rhel9@sha256:35d6d28b89a1d5204c42ed11541e267a3876af37b811c0e926ea615f66369668?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-sdn-rhel9\u0026tag=v4.15.0-202403071909.p0.g71a6f28.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-olm-rukpak-rhel8@sha256:233187f8bf152f98cec72512273bf25906ffedbeeeb6bb1a288155707c491dc4_arm64",
                "product": {
                  "name": "openshift4/ose-olm-rukpak-rhel8@sha256:233187f8bf152f98cec72512273bf25906ffedbeeeb6bb1a288155707c491dc4_arm64",
                  "product_id": "openshift4/ose-olm-rukpak-rhel8@sha256:233187f8bf152f98cec72512273bf25906ffedbeeeb6bb1a288155707c491dc4_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-olm-rukpak-rhel8@sha256:233187f8bf152f98cec72512273bf25906ffedbeeeb6bb1a288155707c491dc4?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-olm-rukpak-rhel8\u0026tag=v4.15.0-202403081338.p0.g5b09cd4.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-openshift-controller-manager-rhel9@sha256:aa9d4271e65286c60578ce2e3940071b1379e75a896dba40774163584bab0d5d_arm64",
                "product": {
                  "name": "openshift4/ose-openshift-controller-manager-rhel9@sha256:aa9d4271e65286c60578ce2e3940071b1379e75a896dba40774163584bab0d5d_arm64",
                  "product_id": "openshift4/ose-openshift-controller-manager-rhel9@sha256:aa9d4271e65286c60578ce2e3940071b1379e75a896dba40774163584bab0d5d_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-openshift-controller-manager-rhel9@sha256:aa9d4271e65286c60578ce2e3940071b1379e75a896dba40774163584bab0d5d?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-controller-manager-rhel9\u0026tag=v4.15.0-202403081208.p0.gedbf735.assembly.stream.el9"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:dc3bd18e5efd55497be564ae42a9452195ac7624ae9909ccbd5bf7cd383d1ad7_amd64",
                "product": {
                  "name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:dc3bd18e5efd55497be564ae42a9452195ac7624ae9909ccbd5bf7cd383d1ad7_amd64",
                  "product_id": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:dc3bd18e5efd55497be564ae42a9452195ac7624ae9909ccbd5bf7cd383d1ad7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-node-tuning-rhel9-operator@sha256:dc3bd18e5efd55497be564ae42a9452195ac7624ae9909ccbd5bf7cd383d1ad7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-rhel9-operator\u0026tag=v4.15.0-202403071909.p0.gfc57075.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-console@sha256:3ac3fe5acafec2f6c6e01ef78b4bf32ee4dfdf4f8b811c1be15461e0b6df83df_amd64",
                "product": {
                  "name": "openshift4/ose-console@sha256:3ac3fe5acafec2f6c6e01ef78b4bf32ee4dfdf4f8b811c1be15461e0b6df83df_amd64",
                  "product_id": "openshift4/ose-console@sha256:3ac3fe5acafec2f6c6e01ef78b4bf32ee4dfdf4f8b811c1be15461e0b6df83df_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-console@sha256:3ac3fe5acafec2f6c6e01ef78b4bf32ee4dfdf4f8b811c1be15461e0b6df83df?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.15.0-202403072108.p0.g3ba6e63.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-hyperkube-rhel9@sha256:73e86d314d4ec1e5ad0a913dd44a627c15fdc0c62c36a792851bee55c09d8771_amd64",
                "product": {
                  "name": "openshift4/ose-hyperkube-rhel9@sha256:73e86d314d4ec1e5ad0a913dd44a627c15fdc0c62c36a792851bee55c09d8771_amd64",
                  "product_id": "openshift4/ose-hyperkube-rhel9@sha256:73e86d314d4ec1e5ad0a913dd44a627c15fdc0c62c36a792851bee55c09d8771_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-hyperkube-rhel9@sha256:73e86d314d4ec1e5ad0a913dd44a627c15fdc0c62c36a792851bee55c09d8771?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube-rhel9\u0026tag=v4.15.0-202403071708.p0.g6e2789b.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-pod-rhel9@sha256:e69ccab31cccae506a7ed7518026b0481ca039d748cb1b240556a3d1acfcdb35_amd64",
                "product": {
                  "name": "openshift4/ose-pod-rhel9@sha256:e69ccab31cccae506a7ed7518026b0481ca039d748cb1b240556a3d1acfcdb35_amd64",
                  "product_id": "openshift4/ose-pod-rhel9@sha256:e69ccab31cccae506a7ed7518026b0481ca039d748cb1b240556a3d1acfcdb35_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-pod-rhel9@sha256:e69ccab31cccae506a7ed7518026b0481ca039d748cb1b240556a3d1acfcdb35?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-pod-rhel9\u0026tag=v4.15.0-202403071708.p0.g6e2789b.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-tests@sha256:01e5331395b8eb7ccbf4d180aba82fe8d14d9f512ad1924199bc675ab78a2899_amd64",
                "product": {
                  "name": "openshift4/ose-tests@sha256:01e5331395b8eb7ccbf4d180aba82fe8d14d9f512ad1924199bc675ab78a2899_amd64",
                  "product_id": "openshift4/ose-tests@sha256:01e5331395b8eb7ccbf4d180aba82fe8d14d9f512ad1924199bc675ab78a2899_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-tests@sha256:01e5331395b8eb7ccbf4d180aba82fe8d14d9f512ad1924199bc675ab78a2899?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.15.0-202403082308.p0.gd68c509.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cloud-credential-operator@sha256:9a2e21c79384af07625ee3633ffe4a5062bd40fc79514ad53fcb732c31f9b3f7_amd64",
                "product": {
                  "name": "openshift4/ose-cloud-credential-operator@sha256:9a2e21c79384af07625ee3633ffe4a5062bd40fc79514ad53fcb732c31f9b3f7_amd64",
                  "product_id": "openshift4/ose-cloud-credential-operator@sha256:9a2e21c79384af07625ee3633ffe4a5062bd40fc79514ad53fcb732c31f9b3f7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cloud-credential-operator@sha256:9a2e21c79384af07625ee3633ffe4a5062bd40fc79514ad53fcb732c31f9b3f7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cloud-credential-operator\u0026tag=v4.15.0-202403071909.p0.g06a4294.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-olm-operator-rhel8@sha256:2bff65ef9bd4f321ffdccf569772dd48ee84b9b74d8a00313037884d969eed6b_amd64",
                "product": {
                  "name": "openshift4/ose-cluster-olm-operator-rhel8@sha256:2bff65ef9bd4f321ffdccf569772dd48ee84b9b74d8a00313037884d969eed6b_amd64",
                  "product_id": "openshift4/ose-cluster-olm-operator-rhel8@sha256:2bff65ef9bd4f321ffdccf569772dd48ee84b9b74d8a00313037884d969eed6b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-olm-operator-rhel8@sha256:2bff65ef9bd4f321ffdccf569772dd48ee84b9b74d8a00313037884d969eed6b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-olm-operator-rhel8\u0026tag=v4.15.0-202403081338.p0.ga7ba898.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-hypershift-rhel9@sha256:691aed5a56f2f1e2eb6f6d19b6396feacf21e4eb75acb15045a1f2da2acc6f79_amd64",
                "product": {
                  "name": "openshift4/ose-hypershift-rhel9@sha256:691aed5a56f2f1e2eb6f6d19b6396feacf21e4eb75acb15045a1f2da2acc6f79_amd64",
                  "product_id": "openshift4/ose-hypershift-rhel9@sha256:691aed5a56f2f1e2eb6f6d19b6396feacf21e4eb75acb15045a1f2da2acc6f79_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-hypershift-rhel9@sha256:691aed5a56f2f1e2eb6f6d19b6396feacf21e4eb75acb15045a1f2da2acc6f79?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-hypershift-rhel9\u0026tag=v4.15.0-202403071909.p0.g4f6c741.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-machine-config-operator@sha256:a332609763a558eeae79bcac4bfd208fe444008c699c9890b8341956f4085e71_amd64",
                "product": {
                  "name": "openshift4/ose-machine-config-operator@sha256:a332609763a558eeae79bcac4bfd208fe444008c699c9890b8341956f4085e71_amd64",
                  "product_id": "openshift4/ose-machine-config-operator@sha256:a332609763a558eeae79bcac4bfd208fe444008c699c9890b8341956f4085e71_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-machine-config-operator@sha256:a332609763a558eeae79bcac4bfd208fe444008c699c9890b8341956f4085e71?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.15.0-202403111711.p0.gb693d2f.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-sdn-rhel9@sha256:f54f897d081552e34679f95efa4627de2b5217232dcfe12d478f02815bb702e9_amd64",
                "product": {
                  "name": "openshift4/ose-sdn-rhel9@sha256:f54f897d081552e34679f95efa4627de2b5217232dcfe12d478f02815bb702e9_amd64",
                  "product_id": "openshift4/ose-sdn-rhel9@sha256:f54f897d081552e34679f95efa4627de2b5217232dcfe12d478f02815bb702e9_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-sdn-rhel9@sha256:f54f897d081552e34679f95efa4627de2b5217232dcfe12d478f02815bb702e9?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sdn-rhel9\u0026tag=v4.15.0-202403071909.p0.g71a6f28.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-olm-rukpak-rhel8@sha256:2f28f6449947d6a61a89aba51015d032426ede3518e7fa3a9c2adcbc92f7d02a_amd64",
                "product": {
                  "name": "openshift4/ose-olm-rukpak-rhel8@sha256:2f28f6449947d6a61a89aba51015d032426ede3518e7fa3a9c2adcbc92f7d02a_amd64",
                  "product_id": "openshift4/ose-olm-rukpak-rhel8@sha256:2f28f6449947d6a61a89aba51015d032426ede3518e7fa3a9c2adcbc92f7d02a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-olm-rukpak-rhel8@sha256:2f28f6449947d6a61a89aba51015d032426ede3518e7fa3a9c2adcbc92f7d02a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-olm-rukpak-rhel8\u0026tag=v4.15.0-202403081338.p0.g5b09cd4.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-openshift-controller-manager-rhel9@sha256:9c7c8f54f8a6f04da55322223b214720f88d49fed6e3cdcd958e334ac8d14fa4_amd64",
                "product": {
                  "name": "openshift4/ose-openshift-controller-manager-rhel9@sha256:9c7c8f54f8a6f04da55322223b214720f88d49fed6e3cdcd958e334ac8d14fa4_amd64",
                  "product_id": "openshift4/ose-openshift-controller-manager-rhel9@sha256:9c7c8f54f8a6f04da55322223b214720f88d49fed6e3cdcd958e334ac8d14fa4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-openshift-controller-manager-rhel9@sha256:9c7c8f54f8a6f04da55322223b214720f88d49fed6e3cdcd958e334ac8d14fa4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-controller-manager-rhel9\u0026tag=v4.15.0-202403081208.p0.gedbf735.assembly.stream.el9"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:88bcc7f5cc252d66079ee7c4ba610910e8ad96c24f22f704977bb835933f3019_ppc64le",
                "product": {
                  "name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:88bcc7f5cc252d66079ee7c4ba610910e8ad96c24f22f704977bb835933f3019_ppc64le",
                  "product_id": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:88bcc7f5cc252d66079ee7c4ba610910e8ad96c24f22f704977bb835933f3019_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-node-tuning-rhel9-operator@sha256:88bcc7f5cc252d66079ee7c4ba610910e8ad96c24f22f704977bb835933f3019?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-rhel9-operator\u0026tag=v4.15.0-202403071909.p0.gfc57075.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-console@sha256:e2c3a4477638754a138f8554a45e7b4158978363350bbfe5c6d96cd813ff8d73_ppc64le",
                "product": {
                  "name": "openshift4/ose-console@sha256:e2c3a4477638754a138f8554a45e7b4158978363350bbfe5c6d96cd813ff8d73_ppc64le",
                  "product_id": "openshift4/ose-console@sha256:e2c3a4477638754a138f8554a45e7b4158978363350bbfe5c6d96cd813ff8d73_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-console@sha256:e2c3a4477638754a138f8554a45e7b4158978363350bbfe5c6d96cd813ff8d73?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.15.0-202403072108.p0.g3ba6e63.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-hyperkube-rhel9@sha256:67fcbb5bbe11d0c676e535ee83a747c27650abda00eca9cb161bb682628b5022_ppc64le",
                "product": {
                  "name": "openshift4/ose-hyperkube-rhel9@sha256:67fcbb5bbe11d0c676e535ee83a747c27650abda00eca9cb161bb682628b5022_ppc64le",
                  "product_id": "openshift4/ose-hyperkube-rhel9@sha256:67fcbb5bbe11d0c676e535ee83a747c27650abda00eca9cb161bb682628b5022_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-hyperkube-rhel9@sha256:67fcbb5bbe11d0c676e535ee83a747c27650abda00eca9cb161bb682628b5022?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube-rhel9\u0026tag=v4.15.0-202403071708.p0.g6e2789b.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-pod-rhel9@sha256:283b2c4aea7a3030e09d08b150a515f4bb232fbc07f1d960811e665d8fd29802_ppc64le",
                "product": {
                  "name": "openshift4/ose-pod-rhel9@sha256:283b2c4aea7a3030e09d08b150a515f4bb232fbc07f1d960811e665d8fd29802_ppc64le",
                  "product_id": "openshift4/ose-pod-rhel9@sha256:283b2c4aea7a3030e09d08b150a515f4bb232fbc07f1d960811e665d8fd29802_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-pod-rhel9@sha256:283b2c4aea7a3030e09d08b150a515f4bb232fbc07f1d960811e665d8fd29802?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-pod-rhel9\u0026tag=v4.15.0-202403071708.p0.g6e2789b.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-tests@sha256:9ceb22a5aa3ad1da243a42e28ffb91c7e08cfd0b05e7df7d295abb33f956c952_ppc64le",
                "product": {
                  "name": "openshift4/ose-tests@sha256:9ceb22a5aa3ad1da243a42e28ffb91c7e08cfd0b05e7df7d295abb33f956c952_ppc64le",
                  "product_id": "openshift4/ose-tests@sha256:9ceb22a5aa3ad1da243a42e28ffb91c7e08cfd0b05e7df7d295abb33f956c952_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-tests@sha256:9ceb22a5aa3ad1da243a42e28ffb91c7e08cfd0b05e7df7d295abb33f956c952?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.15.0-202403082308.p0.gd68c509.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cloud-credential-operator@sha256:c7ae92bf193aae8ff3e5069a9a02f2ee1102022e19d95e0dea95e53d758097d5_ppc64le",
                "product": {
                  "name": "openshift4/ose-cloud-credential-operator@sha256:c7ae92bf193aae8ff3e5069a9a02f2ee1102022e19d95e0dea95e53d758097d5_ppc64le",
                  "product_id": "openshift4/ose-cloud-credential-operator@sha256:c7ae92bf193aae8ff3e5069a9a02f2ee1102022e19d95e0dea95e53d758097d5_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cloud-credential-operator@sha256:c7ae92bf193aae8ff3e5069a9a02f2ee1102022e19d95e0dea95e53d758097d5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cloud-credential-operator\u0026tag=v4.15.0-202403071909.p0.g06a4294.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-olm-operator-rhel8@sha256:8d8f74b111ba028ed2a6689dd88ac0a5b17deb04e5a967a95a13a50c5370a7aa_ppc64le",
                "product": {
                  "name": "openshift4/ose-cluster-olm-operator-rhel8@sha256:8d8f74b111ba028ed2a6689dd88ac0a5b17deb04e5a967a95a13a50c5370a7aa_ppc64le",
                  "product_id": "openshift4/ose-cluster-olm-operator-rhel8@sha256:8d8f74b111ba028ed2a6689dd88ac0a5b17deb04e5a967a95a13a50c5370a7aa_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-olm-operator-rhel8@sha256:8d8f74b111ba028ed2a6689dd88ac0a5b17deb04e5a967a95a13a50c5370a7aa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-olm-operator-rhel8\u0026tag=v4.15.0-202403081338.p0.ga7ba898.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-hypershift-rhel9@sha256:139132fca36a9dd8ea76d35a380f196ca68493f50a015b4a6fa1041fd8c7ee0a_ppc64le",
                "product": {
                  "name": "openshift4/ose-hypershift-rhel9@sha256:139132fca36a9dd8ea76d35a380f196ca68493f50a015b4a6fa1041fd8c7ee0a_ppc64le",
                  "product_id": "openshift4/ose-hypershift-rhel9@sha256:139132fca36a9dd8ea76d35a380f196ca68493f50a015b4a6fa1041fd8c7ee0a_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-hypershift-rhel9@sha256:139132fca36a9dd8ea76d35a380f196ca68493f50a015b4a6fa1041fd8c7ee0a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-hypershift-rhel9\u0026tag=v4.15.0-202403071909.p0.g4f6c741.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-machine-config-operator@sha256:2cc3174c2541912cfcadcd8ade47363aa75d4fb80f1a0b712d88ad9fd11eea97_ppc64le",
                "product": {
                  "name": "openshift4/ose-machine-config-operator@sha256:2cc3174c2541912cfcadcd8ade47363aa75d4fb80f1a0b712d88ad9fd11eea97_ppc64le",
                  "product_id": "openshift4/ose-machine-config-operator@sha256:2cc3174c2541912cfcadcd8ade47363aa75d4fb80f1a0b712d88ad9fd11eea97_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-machine-config-operator@sha256:2cc3174c2541912cfcadcd8ade47363aa75d4fb80f1a0b712d88ad9fd11eea97?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.15.0-202403111711.p0.gb693d2f.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-sdn-rhel9@sha256:1c1a66a2de15c279d1356870e2934e9753a7f8e86f7e9497d4272aac15709de9_ppc64le",
                "product": {
                  "name": "openshift4/ose-sdn-rhel9@sha256:1c1a66a2de15c279d1356870e2934e9753a7f8e86f7e9497d4272aac15709de9_ppc64le",
                  "product_id": "openshift4/ose-sdn-rhel9@sha256:1c1a66a2de15c279d1356870e2934e9753a7f8e86f7e9497d4272aac15709de9_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-sdn-rhel9@sha256:1c1a66a2de15c279d1356870e2934e9753a7f8e86f7e9497d4272aac15709de9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sdn-rhel9\u0026tag=v4.15.0-202403071909.p0.g71a6f28.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-olm-rukpak-rhel8@sha256:327c93cc4b860215ff3eab3561d60ff0fc1be9e5c2d1db9ce3832306018617b4_ppc64le",
                "product": {
                  "name": "openshift4/ose-olm-rukpak-rhel8@sha256:327c93cc4b860215ff3eab3561d60ff0fc1be9e5c2d1db9ce3832306018617b4_ppc64le",
                  "product_id": "openshift4/ose-olm-rukpak-rhel8@sha256:327c93cc4b860215ff3eab3561d60ff0fc1be9e5c2d1db9ce3832306018617b4_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-olm-rukpak-rhel8@sha256:327c93cc4b860215ff3eab3561d60ff0fc1be9e5c2d1db9ce3832306018617b4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-olm-rukpak-rhel8\u0026tag=v4.15.0-202403081338.p0.g5b09cd4.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-openshift-controller-manager-rhel9@sha256:6ed9a16e0777786d589864dc3adacf9a37987c4b24f06b7972b7bf6d7e3b8b0c_ppc64le",
                "product": {
                  "name": "openshift4/ose-openshift-controller-manager-rhel9@sha256:6ed9a16e0777786d589864dc3adacf9a37987c4b24f06b7972b7bf6d7e3b8b0c_ppc64le",
                  "product_id": "openshift4/ose-openshift-controller-manager-rhel9@sha256:6ed9a16e0777786d589864dc3adacf9a37987c4b24f06b7972b7bf6d7e3b8b0c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-openshift-controller-manager-rhel9@sha256:6ed9a16e0777786d589864dc3adacf9a37987c4b24f06b7972b7bf6d7e3b8b0c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-controller-manager-rhel9\u0026tag=v4.15.0-202403081208.p0.gedbf735.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_ppc64le",
                "product": {
                  "name": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_ppc64le",
                  "product_id": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38?arch=ppc64le\u0026repository_url=registry.redhat.io/rhcos\u0026tag=415.92.202403080220-0"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:c7805561da209665f1dbc9b97d96f710871b067ed349696d90f79d01665e6246_s390x",
                "product": {
                  "name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:c7805561da209665f1dbc9b97d96f710871b067ed349696d90f79d01665e6246_s390x",
                  "product_id": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:c7805561da209665f1dbc9b97d96f710871b067ed349696d90f79d01665e6246_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-node-tuning-rhel9-operator@sha256:c7805561da209665f1dbc9b97d96f710871b067ed349696d90f79d01665e6246?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-rhel9-operator\u0026tag=v4.15.0-202403071909.p0.gfc57075.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-console@sha256:b26146adbb150acabea098b6724054bc8ed4bc6e75cc08764f6aea855c0b8e08_s390x",
                "product": {
                  "name": "openshift4/ose-console@sha256:b26146adbb150acabea098b6724054bc8ed4bc6e75cc08764f6aea855c0b8e08_s390x",
                  "product_id": "openshift4/ose-console@sha256:b26146adbb150acabea098b6724054bc8ed4bc6e75cc08764f6aea855c0b8e08_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-console@sha256:b26146adbb150acabea098b6724054bc8ed4bc6e75cc08764f6aea855c0b8e08?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.15.0-202403072108.p0.g3ba6e63.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-hyperkube-rhel9@sha256:ce94941d4a1eec73f690087fbabce95ea1a9a51f737e40719dd0e56321f955ad_s390x",
                "product": {
                  "name": "openshift4/ose-hyperkube-rhel9@sha256:ce94941d4a1eec73f690087fbabce95ea1a9a51f737e40719dd0e56321f955ad_s390x",
                  "product_id": "openshift4/ose-hyperkube-rhel9@sha256:ce94941d4a1eec73f690087fbabce95ea1a9a51f737e40719dd0e56321f955ad_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-hyperkube-rhel9@sha256:ce94941d4a1eec73f690087fbabce95ea1a9a51f737e40719dd0e56321f955ad?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube-rhel9\u0026tag=v4.15.0-202403071708.p0.g6e2789b.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-pod-rhel9@sha256:47cd7555c6f9a54b1f075bfc0e0f9256fbaaf01173794d20fab92508e876fd48_s390x",
                "product": {
                  "name": "openshift4/ose-pod-rhel9@sha256:47cd7555c6f9a54b1f075bfc0e0f9256fbaaf01173794d20fab92508e876fd48_s390x",
                  "product_id": "openshift4/ose-pod-rhel9@sha256:47cd7555c6f9a54b1f075bfc0e0f9256fbaaf01173794d20fab92508e876fd48_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-pod-rhel9@sha256:47cd7555c6f9a54b1f075bfc0e0f9256fbaaf01173794d20fab92508e876fd48?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-pod-rhel9\u0026tag=v4.15.0-202403071708.p0.g6e2789b.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-tests@sha256:727a08dcaa3bd082b93a5d841a4388d4e60725aeec95962717f7cd5a54b90279_s390x",
                "product": {
                  "name": "openshift4/ose-tests@sha256:727a08dcaa3bd082b93a5d841a4388d4e60725aeec95962717f7cd5a54b90279_s390x",
                  "product_id": "openshift4/ose-tests@sha256:727a08dcaa3bd082b93a5d841a4388d4e60725aeec95962717f7cd5a54b90279_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-tests@sha256:727a08dcaa3bd082b93a5d841a4388d4e60725aeec95962717f7cd5a54b90279?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.15.0-202403082308.p0.gd68c509.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cloud-credential-operator@sha256:17ace1adf247a7db77b4efe82550b78a8cac86e4c3b013dba7f40dab24339811_s390x",
                "product": {
                  "name": "openshift4/ose-cloud-credential-operator@sha256:17ace1adf247a7db77b4efe82550b78a8cac86e4c3b013dba7f40dab24339811_s390x",
                  "product_id": "openshift4/ose-cloud-credential-operator@sha256:17ace1adf247a7db77b4efe82550b78a8cac86e4c3b013dba7f40dab24339811_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cloud-credential-operator@sha256:17ace1adf247a7db77b4efe82550b78a8cac86e4c3b013dba7f40dab24339811?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cloud-credential-operator\u0026tag=v4.15.0-202403071909.p0.g06a4294.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-olm-operator-rhel8@sha256:070f454594088d457a23b131f8e6449e0f71fa91679198d9f0a5c5e83a6bb188_s390x",
                "product": {
                  "name": "openshift4/ose-cluster-olm-operator-rhel8@sha256:070f454594088d457a23b131f8e6449e0f71fa91679198d9f0a5c5e83a6bb188_s390x",
                  "product_id": "openshift4/ose-cluster-olm-operator-rhel8@sha256:070f454594088d457a23b131f8e6449e0f71fa91679198d9f0a5c5e83a6bb188_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-olm-operator-rhel8@sha256:070f454594088d457a23b131f8e6449e0f71fa91679198d9f0a5c5e83a6bb188?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-olm-operator-rhel8\u0026tag=v4.15.0-202403081338.p0.ga7ba898.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-hypershift-rhel9@sha256:a06bec747e5acc847d8b7faec047cded9de6a99859bd42fda5c23e054e87b37f_s390x",
                "product": {
                  "name": "openshift4/ose-hypershift-rhel9@sha256:a06bec747e5acc847d8b7faec047cded9de6a99859bd42fda5c23e054e87b37f_s390x",
                  "product_id": "openshift4/ose-hypershift-rhel9@sha256:a06bec747e5acc847d8b7faec047cded9de6a99859bd42fda5c23e054e87b37f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-hypershift-rhel9@sha256:a06bec747e5acc847d8b7faec047cded9de6a99859bd42fda5c23e054e87b37f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-hypershift-rhel9\u0026tag=v4.15.0-202403071909.p0.g4f6c741.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-machine-config-operator@sha256:e0648d8cc1ee89c9378f67c0caf0b15c788094dc7f32d64bc0841f1653d1128b_s390x",
                "product": {
                  "name": "openshift4/ose-machine-config-operator@sha256:e0648d8cc1ee89c9378f67c0caf0b15c788094dc7f32d64bc0841f1653d1128b_s390x",
                  "product_id": "openshift4/ose-machine-config-operator@sha256:e0648d8cc1ee89c9378f67c0caf0b15c788094dc7f32d64bc0841f1653d1128b_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-machine-config-operator@sha256:e0648d8cc1ee89c9378f67c0caf0b15c788094dc7f32d64bc0841f1653d1128b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.15.0-202403111711.p0.gb693d2f.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-sdn-rhel9@sha256:986b1a18efc4f960b23c38b8a6adb588dc1d52cc31be749513cc7d799949481e_s390x",
                "product": {
                  "name": "openshift4/ose-sdn-rhel9@sha256:986b1a18efc4f960b23c38b8a6adb588dc1d52cc31be749513cc7d799949481e_s390x",
                  "product_id": "openshift4/ose-sdn-rhel9@sha256:986b1a18efc4f960b23c38b8a6adb588dc1d52cc31be749513cc7d799949481e_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-sdn-rhel9@sha256:986b1a18efc4f960b23c38b8a6adb588dc1d52cc31be749513cc7d799949481e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sdn-rhel9\u0026tag=v4.15.0-202403071909.p0.g71a6f28.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-olm-rukpak-rhel8@sha256:6f398424939e059aeb27ed3178dfc3374a41ffa40b423c2393cbdc6f64ecc965_s390x",
                "product": {
                  "name": "openshift4/ose-olm-rukpak-rhel8@sha256:6f398424939e059aeb27ed3178dfc3374a41ffa40b423c2393cbdc6f64ecc965_s390x",
                  "product_id": "openshift4/ose-olm-rukpak-rhel8@sha256:6f398424939e059aeb27ed3178dfc3374a41ffa40b423c2393cbdc6f64ecc965_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-olm-rukpak-rhel8@sha256:6f398424939e059aeb27ed3178dfc3374a41ffa40b423c2393cbdc6f64ecc965?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-olm-rukpak-rhel8\u0026tag=v4.15.0-202403081338.p0.g5b09cd4.assembly.stream.el8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-openshift-controller-manager-rhel9@sha256:e354eaee38e6ee546a01812be7662cfe6fb7039b818428dc1f5671193b4c35f6_s390x",
                "product": {
                  "name": "openshift4/ose-openshift-controller-manager-rhel9@sha256:e354eaee38e6ee546a01812be7662cfe6fb7039b818428dc1f5671193b4c35f6_s390x",
                  "product_id": "openshift4/ose-openshift-controller-manager-rhel9@sha256:e354eaee38e6ee546a01812be7662cfe6fb7039b818428dc1f5671193b4c35f6_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-openshift-controller-manager-rhel9@sha256:e354eaee38e6ee546a01812be7662cfe6fb7039b818428dc1f5671193b4c35f6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-controller-manager-rhel9\u0026tag=v4.15.0-202403081208.p0.gedbf735.assembly.stream.el9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_s390x",
                "product": {
                  "name": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_s390x",
                  "product_id": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38?arch=s390x\u0026repository_url=registry.redhat.io/rhcos\u0026tag=415.92.202403080220-0"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_aarch64",
                "product": {
                  "name": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_aarch64",
                  "product_id": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38?arch=aarch64\u0026repository_url=registry.redhat.io/rhcos\u0026tag=415.92.202403080220-0"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_x86_64",
                "product": {
                  "name": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_x86_64",
                  "product_id": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38?arch=x86_64\u0026repository_url=registry.redhat.io/rhcos\u0026tag=415.92.202403080220-0"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cloud-credential-operator@sha256:17ace1adf247a7db77b4efe82550b78a8cac86e4c3b013dba7f40dab24339811_s390x as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:17ace1adf247a7db77b4efe82550b78a8cac86e4c3b013dba7f40dab24339811_s390x"
        },
        "product_reference": "openshift4/ose-cloud-credential-operator@sha256:17ace1adf247a7db77b4efe82550b78a8cac86e4c3b013dba7f40dab24339811_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cloud-credential-operator@sha256:9a2e21c79384af07625ee3633ffe4a5062bd40fc79514ad53fcb732c31f9b3f7_amd64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:9a2e21c79384af07625ee3633ffe4a5062bd40fc79514ad53fcb732c31f9b3f7_amd64"
        },
        "product_reference": "openshift4/ose-cloud-credential-operator@sha256:9a2e21c79384af07625ee3633ffe4a5062bd40fc79514ad53fcb732c31f9b3f7_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cloud-credential-operator@sha256:a0426d394fc3c761095ba0a5a950a848a6e28b29a30a028671451d919f6f28f5_arm64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:a0426d394fc3c761095ba0a5a950a848a6e28b29a30a028671451d919f6f28f5_arm64"
        },
        "product_reference": "openshift4/ose-cloud-credential-operator@sha256:a0426d394fc3c761095ba0a5a950a848a6e28b29a30a028671451d919f6f28f5_arm64",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cloud-credential-operator@sha256:c7ae92bf193aae8ff3e5069a9a02f2ee1102022e19d95e0dea95e53d758097d5_ppc64le as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:c7ae92bf193aae8ff3e5069a9a02f2ee1102022e19d95e0dea95e53d758097d5_ppc64le"
        },
        "product_reference": "openshift4/ose-cloud-credential-operator@sha256:c7ae92bf193aae8ff3e5069a9a02f2ee1102022e19d95e0dea95e53d758097d5_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-olm-operator-rhel8@sha256:070f454594088d457a23b131f8e6449e0f71fa91679198d9f0a5c5e83a6bb188_s390x as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:070f454594088d457a23b131f8e6449e0f71fa91679198d9f0a5c5e83a6bb188_s390x"
        },
        "product_reference": "openshift4/ose-cluster-olm-operator-rhel8@sha256:070f454594088d457a23b131f8e6449e0f71fa91679198d9f0a5c5e83a6bb188_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-olm-operator-rhel8@sha256:2bff65ef9bd4f321ffdccf569772dd48ee84b9b74d8a00313037884d969eed6b_amd64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:2bff65ef9bd4f321ffdccf569772dd48ee84b9b74d8a00313037884d969eed6b_amd64"
        },
        "product_reference": "openshift4/ose-cluster-olm-operator-rhel8@sha256:2bff65ef9bd4f321ffdccf569772dd48ee84b9b74d8a00313037884d969eed6b_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-olm-operator-rhel8@sha256:8d8f74b111ba028ed2a6689dd88ac0a5b17deb04e5a967a95a13a50c5370a7aa_ppc64le as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:8d8f74b111ba028ed2a6689dd88ac0a5b17deb04e5a967a95a13a50c5370a7aa_ppc64le"
        },
        "product_reference": "openshift4/ose-cluster-olm-operator-rhel8@sha256:8d8f74b111ba028ed2a6689dd88ac0a5b17deb04e5a967a95a13a50c5370a7aa_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-olm-operator-rhel8@sha256:fce9b8f74f4aba59a0bfb1a8f29859d5c820da9503209bdcc3ccd48be84c16ba_arm64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:fce9b8f74f4aba59a0bfb1a8f29859d5c820da9503209bdcc3ccd48be84c16ba_arm64"
        },
        "product_reference": "openshift4/ose-cluster-olm-operator-rhel8@sha256:fce9b8f74f4aba59a0bfb1a8f29859d5c820da9503209bdcc3ccd48be84c16ba_arm64",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-console@sha256:12d6f3d7e2805fb5992778a0aee0541fc3865dadae1c3a0fc62f3d9c032c259c_arm64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-console@sha256:12d6f3d7e2805fb5992778a0aee0541fc3865dadae1c3a0fc62f3d9c032c259c_arm64"
        },
        "product_reference": "openshift4/ose-console@sha256:12d6f3d7e2805fb5992778a0aee0541fc3865dadae1c3a0fc62f3d9c032c259c_arm64",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-console@sha256:3ac3fe5acafec2f6c6e01ef78b4bf32ee4dfdf4f8b811c1be15461e0b6df83df_amd64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-console@sha256:3ac3fe5acafec2f6c6e01ef78b4bf32ee4dfdf4f8b811c1be15461e0b6df83df_amd64"
        },
        "product_reference": "openshift4/ose-console@sha256:3ac3fe5acafec2f6c6e01ef78b4bf32ee4dfdf4f8b811c1be15461e0b6df83df_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-console@sha256:b26146adbb150acabea098b6724054bc8ed4bc6e75cc08764f6aea855c0b8e08_s390x as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-console@sha256:b26146adbb150acabea098b6724054bc8ed4bc6e75cc08764f6aea855c0b8e08_s390x"
        },
        "product_reference": "openshift4/ose-console@sha256:b26146adbb150acabea098b6724054bc8ed4bc6e75cc08764f6aea855c0b8e08_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-console@sha256:e2c3a4477638754a138f8554a45e7b4158978363350bbfe5c6d96cd813ff8d73_ppc64le as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-console@sha256:e2c3a4477638754a138f8554a45e7b4158978363350bbfe5c6d96cd813ff8d73_ppc64le"
        },
        "product_reference": "openshift4/ose-console@sha256:e2c3a4477638754a138f8554a45e7b4158978363350bbfe5c6d96cd813ff8d73_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-machine-config-operator@sha256:2cc3174c2541912cfcadcd8ade47363aa75d4fb80f1a0b712d88ad9fd11eea97_ppc64le as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:2cc3174c2541912cfcadcd8ade47363aa75d4fb80f1a0b712d88ad9fd11eea97_ppc64le"
        },
        "product_reference": "openshift4/ose-machine-config-operator@sha256:2cc3174c2541912cfcadcd8ade47363aa75d4fb80f1a0b712d88ad9fd11eea97_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-machine-config-operator@sha256:98c49783da2d3c39a9ed52fa0d6acc733533c2289f8515d4c448d934d142f6ee_arm64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:98c49783da2d3c39a9ed52fa0d6acc733533c2289f8515d4c448d934d142f6ee_arm64"
        },
        "product_reference": "openshift4/ose-machine-config-operator@sha256:98c49783da2d3c39a9ed52fa0d6acc733533c2289f8515d4c448d934d142f6ee_arm64",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-machine-config-operator@sha256:a332609763a558eeae79bcac4bfd208fe444008c699c9890b8341956f4085e71_amd64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:a332609763a558eeae79bcac4bfd208fe444008c699c9890b8341956f4085e71_amd64"
        },
        "product_reference": "openshift4/ose-machine-config-operator@sha256:a332609763a558eeae79bcac4bfd208fe444008c699c9890b8341956f4085e71_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-machine-config-operator@sha256:e0648d8cc1ee89c9378f67c0caf0b15c788094dc7f32d64bc0841f1653d1128b_s390x as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:e0648d8cc1ee89c9378f67c0caf0b15c788094dc7f32d64bc0841f1653d1128b_s390x"
        },
        "product_reference": "openshift4/ose-machine-config-operator@sha256:e0648d8cc1ee89c9378f67c0caf0b15c788094dc7f32d64bc0841f1653d1128b_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-olm-rukpak-rhel8@sha256:233187f8bf152f98cec72512273bf25906ffedbeeeb6bb1a288155707c491dc4_arm64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:233187f8bf152f98cec72512273bf25906ffedbeeeb6bb1a288155707c491dc4_arm64"
        },
        "product_reference": "openshift4/ose-olm-rukpak-rhel8@sha256:233187f8bf152f98cec72512273bf25906ffedbeeeb6bb1a288155707c491dc4_arm64",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-olm-rukpak-rhel8@sha256:2f28f6449947d6a61a89aba51015d032426ede3518e7fa3a9c2adcbc92f7d02a_amd64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:2f28f6449947d6a61a89aba51015d032426ede3518e7fa3a9c2adcbc92f7d02a_amd64"
        },
        "product_reference": "openshift4/ose-olm-rukpak-rhel8@sha256:2f28f6449947d6a61a89aba51015d032426ede3518e7fa3a9c2adcbc92f7d02a_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-olm-rukpak-rhel8@sha256:327c93cc4b860215ff3eab3561d60ff0fc1be9e5c2d1db9ce3832306018617b4_ppc64le as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:327c93cc4b860215ff3eab3561d60ff0fc1be9e5c2d1db9ce3832306018617b4_ppc64le"
        },
        "product_reference": "openshift4/ose-olm-rukpak-rhel8@sha256:327c93cc4b860215ff3eab3561d60ff0fc1be9e5c2d1db9ce3832306018617b4_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-olm-rukpak-rhel8@sha256:6f398424939e059aeb27ed3178dfc3374a41ffa40b423c2393cbdc6f64ecc965_s390x as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:6f398424939e059aeb27ed3178dfc3374a41ffa40b423c2393cbdc6f64ecc965_s390x"
        },
        "product_reference": "openshift4/ose-olm-rukpak-rhel8@sha256:6f398424939e059aeb27ed3178dfc3374a41ffa40b423c2393cbdc6f64ecc965_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-tests@sha256:01e5331395b8eb7ccbf4d180aba82fe8d14d9f512ad1924199bc675ab78a2899_amd64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:01e5331395b8eb7ccbf4d180aba82fe8d14d9f512ad1924199bc675ab78a2899_amd64"
        },
        "product_reference": "openshift4/ose-tests@sha256:01e5331395b8eb7ccbf4d180aba82fe8d14d9f512ad1924199bc675ab78a2899_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-tests@sha256:727a08dcaa3bd082b93a5d841a4388d4e60725aeec95962717f7cd5a54b90279_s390x as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:727a08dcaa3bd082b93a5d841a4388d4e60725aeec95962717f7cd5a54b90279_s390x"
        },
        "product_reference": "openshift4/ose-tests@sha256:727a08dcaa3bd082b93a5d841a4388d4e60725aeec95962717f7cd5a54b90279_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-tests@sha256:9ceb22a5aa3ad1da243a42e28ffb91c7e08cfd0b05e7df7d295abb33f956c952_ppc64le as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:9ceb22a5aa3ad1da243a42e28ffb91c7e08cfd0b05e7df7d295abb33f956c952_ppc64le"
        },
        "product_reference": "openshift4/ose-tests@sha256:9ceb22a5aa3ad1da243a42e28ffb91c7e08cfd0b05e7df7d295abb33f956c952_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-tests@sha256:a0fb1c3965fd4dbd7ca8e54e2ae09337548e60465b6006da50c8a223afc51f55_arm64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:a0fb1c3965fd4dbd7ca8e54e2ae09337548e60465b6006da50c8a223afc51f55_arm64"
        },
        "product_reference": "openshift4/ose-tests@sha256:a0fb1c3965fd4dbd7ca8e54e2ae09337548e60465b6006da50c8a223afc51f55_arm64",
        "relates_to_product_reference": "8Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7e827cd3b4c471c8358ba48889091d27570ff677a4694bb97c4b729958b7aa69_arm64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7e827cd3b4c471c8358ba48889091d27570ff677a4694bb97c4b729958b7aa69_arm64"
        },
        "product_reference": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7e827cd3b4c471c8358ba48889091d27570ff677a4694bb97c4b729958b7aa69_arm64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:88bcc7f5cc252d66079ee7c4ba610910e8ad96c24f22f704977bb835933f3019_ppc64le as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:88bcc7f5cc252d66079ee7c4ba610910e8ad96c24f22f704977bb835933f3019_ppc64le"
        },
        "product_reference": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:88bcc7f5cc252d66079ee7c4ba610910e8ad96c24f22f704977bb835933f3019_ppc64le",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:c7805561da209665f1dbc9b97d96f710871b067ed349696d90f79d01665e6246_s390x as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:c7805561da209665f1dbc9b97d96f710871b067ed349696d90f79d01665e6246_s390x"
        },
        "product_reference": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:c7805561da209665f1dbc9b97d96f710871b067ed349696d90f79d01665e6246_s390x",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:dc3bd18e5efd55497be564ae42a9452195ac7624ae9909ccbd5bf7cd383d1ad7_amd64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:dc3bd18e5efd55497be564ae42a9452195ac7624ae9909ccbd5bf7cd383d1ad7_amd64"
        },
        "product_reference": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:dc3bd18e5efd55497be564ae42a9452195ac7624ae9909ccbd5bf7cd383d1ad7_amd64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-hyperkube-rhel9@sha256:67fcbb5bbe11d0c676e535ee83a747c27650abda00eca9cb161bb682628b5022_ppc64le as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:67fcbb5bbe11d0c676e535ee83a747c27650abda00eca9cb161bb682628b5022_ppc64le"
        },
        "product_reference": "openshift4/ose-hyperkube-rhel9@sha256:67fcbb5bbe11d0c676e535ee83a747c27650abda00eca9cb161bb682628b5022_ppc64le",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-hyperkube-rhel9@sha256:73e86d314d4ec1e5ad0a913dd44a627c15fdc0c62c36a792851bee55c09d8771_amd64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:73e86d314d4ec1e5ad0a913dd44a627c15fdc0c62c36a792851bee55c09d8771_amd64"
        },
        "product_reference": "openshift4/ose-hyperkube-rhel9@sha256:73e86d314d4ec1e5ad0a913dd44a627c15fdc0c62c36a792851bee55c09d8771_amd64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-hyperkube-rhel9@sha256:7496a932300c7f7834b0234c5683dca210b3d160c1c30047daf1c9467bf9c078_arm64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:7496a932300c7f7834b0234c5683dca210b3d160c1c30047daf1c9467bf9c078_arm64"
        },
        "product_reference": "openshift4/ose-hyperkube-rhel9@sha256:7496a932300c7f7834b0234c5683dca210b3d160c1c30047daf1c9467bf9c078_arm64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-hyperkube-rhel9@sha256:ce94941d4a1eec73f690087fbabce95ea1a9a51f737e40719dd0e56321f955ad_s390x as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:ce94941d4a1eec73f690087fbabce95ea1a9a51f737e40719dd0e56321f955ad_s390x"
        },
        "product_reference": "openshift4/ose-hyperkube-rhel9@sha256:ce94941d4a1eec73f690087fbabce95ea1a9a51f737e40719dd0e56321f955ad_s390x",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-hypershift-rhel9@sha256:139132fca36a9dd8ea76d35a380f196ca68493f50a015b4a6fa1041fd8c7ee0a_ppc64le as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:139132fca36a9dd8ea76d35a380f196ca68493f50a015b4a6fa1041fd8c7ee0a_ppc64le"
        },
        "product_reference": "openshift4/ose-hypershift-rhel9@sha256:139132fca36a9dd8ea76d35a380f196ca68493f50a015b4a6fa1041fd8c7ee0a_ppc64le",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-hypershift-rhel9@sha256:691aed5a56f2f1e2eb6f6d19b6396feacf21e4eb75acb15045a1f2da2acc6f79_amd64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:691aed5a56f2f1e2eb6f6d19b6396feacf21e4eb75acb15045a1f2da2acc6f79_amd64"
        },
        "product_reference": "openshift4/ose-hypershift-rhel9@sha256:691aed5a56f2f1e2eb6f6d19b6396feacf21e4eb75acb15045a1f2da2acc6f79_amd64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-hypershift-rhel9@sha256:a06bec747e5acc847d8b7faec047cded9de6a99859bd42fda5c23e054e87b37f_s390x as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:a06bec747e5acc847d8b7faec047cded9de6a99859bd42fda5c23e054e87b37f_s390x"
        },
        "product_reference": "openshift4/ose-hypershift-rhel9@sha256:a06bec747e5acc847d8b7faec047cded9de6a99859bd42fda5c23e054e87b37f_s390x",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-hypershift-rhel9@sha256:ede27fe3d22d34edf0900d7eac05082aac0427c85022be6221f816f5c9be4292_arm64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:ede27fe3d22d34edf0900d7eac05082aac0427c85022be6221f816f5c9be4292_arm64"
        },
        "product_reference": "openshift4/ose-hypershift-rhel9@sha256:ede27fe3d22d34edf0900d7eac05082aac0427c85022be6221f816f5c9be4292_arm64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-openshift-controller-manager-rhel9@sha256:6ed9a16e0777786d589864dc3adacf9a37987c4b24f06b7972b7bf6d7e3b8b0c_ppc64le as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:6ed9a16e0777786d589864dc3adacf9a37987c4b24f06b7972b7bf6d7e3b8b0c_ppc64le"
        },
        "product_reference": "openshift4/ose-openshift-controller-manager-rhel9@sha256:6ed9a16e0777786d589864dc3adacf9a37987c4b24f06b7972b7bf6d7e3b8b0c_ppc64le",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-openshift-controller-manager-rhel9@sha256:9c7c8f54f8a6f04da55322223b214720f88d49fed6e3cdcd958e334ac8d14fa4_amd64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:9c7c8f54f8a6f04da55322223b214720f88d49fed6e3cdcd958e334ac8d14fa4_amd64"
        },
        "product_reference": "openshift4/ose-openshift-controller-manager-rhel9@sha256:9c7c8f54f8a6f04da55322223b214720f88d49fed6e3cdcd958e334ac8d14fa4_amd64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-openshift-controller-manager-rhel9@sha256:aa9d4271e65286c60578ce2e3940071b1379e75a896dba40774163584bab0d5d_arm64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:aa9d4271e65286c60578ce2e3940071b1379e75a896dba40774163584bab0d5d_arm64"
        },
        "product_reference": "openshift4/ose-openshift-controller-manager-rhel9@sha256:aa9d4271e65286c60578ce2e3940071b1379e75a896dba40774163584bab0d5d_arm64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-openshift-controller-manager-rhel9@sha256:e354eaee38e6ee546a01812be7662cfe6fb7039b818428dc1f5671193b4c35f6_s390x as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:e354eaee38e6ee546a01812be7662cfe6fb7039b818428dc1f5671193b4c35f6_s390x"
        },
        "product_reference": "openshift4/ose-openshift-controller-manager-rhel9@sha256:e354eaee38e6ee546a01812be7662cfe6fb7039b818428dc1f5671193b4c35f6_s390x",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-pod-rhel9@sha256:283b2c4aea7a3030e09d08b150a515f4bb232fbc07f1d960811e665d8fd29802_ppc64le as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:283b2c4aea7a3030e09d08b150a515f4bb232fbc07f1d960811e665d8fd29802_ppc64le"
        },
        "product_reference": "openshift4/ose-pod-rhel9@sha256:283b2c4aea7a3030e09d08b150a515f4bb232fbc07f1d960811e665d8fd29802_ppc64le",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-pod-rhel9@sha256:47cd7555c6f9a54b1f075bfc0e0f9256fbaaf01173794d20fab92508e876fd48_s390x as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:47cd7555c6f9a54b1f075bfc0e0f9256fbaaf01173794d20fab92508e876fd48_s390x"
        },
        "product_reference": "openshift4/ose-pod-rhel9@sha256:47cd7555c6f9a54b1f075bfc0e0f9256fbaaf01173794d20fab92508e876fd48_s390x",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-pod-rhel9@sha256:d152617edada2d9b9ee5e5f38ac32b44c25fd49932678d6d4c3c18d63242485f_arm64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:d152617edada2d9b9ee5e5f38ac32b44c25fd49932678d6d4c3c18d63242485f_arm64"
        },
        "product_reference": "openshift4/ose-pod-rhel9@sha256:d152617edada2d9b9ee5e5f38ac32b44c25fd49932678d6d4c3c18d63242485f_arm64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-pod-rhel9@sha256:e69ccab31cccae506a7ed7518026b0481ca039d748cb1b240556a3d1acfcdb35_amd64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:e69ccab31cccae506a7ed7518026b0481ca039d748cb1b240556a3d1acfcdb35_amd64"
        },
        "product_reference": "openshift4/ose-pod-rhel9@sha256:e69ccab31cccae506a7ed7518026b0481ca039d748cb1b240556a3d1acfcdb35_amd64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-sdn-rhel9@sha256:1c1a66a2de15c279d1356870e2934e9753a7f8e86f7e9497d4272aac15709de9_ppc64le as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:1c1a66a2de15c279d1356870e2934e9753a7f8e86f7e9497d4272aac15709de9_ppc64le"
        },
        "product_reference": "openshift4/ose-sdn-rhel9@sha256:1c1a66a2de15c279d1356870e2934e9753a7f8e86f7e9497d4272aac15709de9_ppc64le",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-sdn-rhel9@sha256:35d6d28b89a1d5204c42ed11541e267a3876af37b811c0e926ea615f66369668_arm64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:35d6d28b89a1d5204c42ed11541e267a3876af37b811c0e926ea615f66369668_arm64"
        },
        "product_reference": "openshift4/ose-sdn-rhel9@sha256:35d6d28b89a1d5204c42ed11541e267a3876af37b811c0e926ea615f66369668_arm64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-sdn-rhel9@sha256:986b1a18efc4f960b23c38b8a6adb588dc1d52cc31be749513cc7d799949481e_s390x as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:986b1a18efc4f960b23c38b8a6adb588dc1d52cc31be749513cc7d799949481e_s390x"
        },
        "product_reference": "openshift4/ose-sdn-rhel9@sha256:986b1a18efc4f960b23c38b8a6adb588dc1d52cc31be749513cc7d799949481e_s390x",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-sdn-rhel9@sha256:f54f897d081552e34679f95efa4627de2b5217232dcfe12d478f02815bb702e9_amd64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:f54f897d081552e34679f95efa4627de2b5217232dcfe12d478f02815bb702e9_amd64"
        },
        "product_reference": "openshift4/ose-sdn-rhel9@sha256:f54f897d081552e34679f95efa4627de2b5217232dcfe12d478f02815bb702e9_amd64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_aarch64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_aarch64"
        },
        "product_reference": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_aarch64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_ppc64le as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_ppc64le"
        },
        "product_reference": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_ppc64le",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_s390x as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_s390x"
        },
        "product_reference": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_s390x",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_x86_64 as a component of Red Hat OpenShift Container Platform 4.15",
          "product_id": "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_x86_64"
        },
        "product_reference": "rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_x86_64",
        "relates_to_product_reference": "9Base-RHOSE-4.15"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-25620",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2024-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:17ace1adf247a7db77b4efe82550b78a8cac86e4c3b013dba7f40dab24339811_s390x",
            "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:9a2e21c79384af07625ee3633ffe4a5062bd40fc79514ad53fcb732c31f9b3f7_amd64",
            "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:a0426d394fc3c761095ba0a5a950a848a6e28b29a30a028671451d919f6f28f5_arm64",
            "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:c7ae92bf193aae8ff3e5069a9a02f2ee1102022e19d95e0dea95e53d758097d5_ppc64le",
            "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:070f454594088d457a23b131f8e6449e0f71fa91679198d9f0a5c5e83a6bb188_s390x",
            "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:2bff65ef9bd4f321ffdccf569772dd48ee84b9b74d8a00313037884d969eed6b_amd64",
            "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:8d8f74b111ba028ed2a6689dd88ac0a5b17deb04e5a967a95a13a50c5370a7aa_ppc64le",
            "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:fce9b8f74f4aba59a0bfb1a8f29859d5c820da9503209bdcc3ccd48be84c16ba_arm64",
            "8Base-RHOSE-4.15:openshift4/ose-console@sha256:12d6f3d7e2805fb5992778a0aee0541fc3865dadae1c3a0fc62f3d9c032c259c_arm64",
            "8Base-RHOSE-4.15:openshift4/ose-console@sha256:3ac3fe5acafec2f6c6e01ef78b4bf32ee4dfdf4f8b811c1be15461e0b6df83df_amd64",
            "8Base-RHOSE-4.15:openshift4/ose-console@sha256:b26146adbb150acabea098b6724054bc8ed4bc6e75cc08764f6aea855c0b8e08_s390x",
            "8Base-RHOSE-4.15:openshift4/ose-console@sha256:e2c3a4477638754a138f8554a45e7b4158978363350bbfe5c6d96cd813ff8d73_ppc64le",
            "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:2cc3174c2541912cfcadcd8ade47363aa75d4fb80f1a0b712d88ad9fd11eea97_ppc64le",
            "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:98c49783da2d3c39a9ed52fa0d6acc733533c2289f8515d4c448d934d142f6ee_arm64",
            "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:a332609763a558eeae79bcac4bfd208fe444008c699c9890b8341956f4085e71_amd64",
            "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:e0648d8cc1ee89c9378f67c0caf0b15c788094dc7f32d64bc0841f1653d1128b_s390x",
            "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:01e5331395b8eb7ccbf4d180aba82fe8d14d9f512ad1924199bc675ab78a2899_amd64",
            "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:727a08dcaa3bd082b93a5d841a4388d4e60725aeec95962717f7cd5a54b90279_s390x",
            "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:9ceb22a5aa3ad1da243a42e28ffb91c7e08cfd0b05e7df7d295abb33f956c952_ppc64le",
            "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:a0fb1c3965fd4dbd7ca8e54e2ae09337548e60465b6006da50c8a223afc51f55_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7e827cd3b4c471c8358ba48889091d27570ff677a4694bb97c4b729958b7aa69_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:88bcc7f5cc252d66079ee7c4ba610910e8ad96c24f22f704977bb835933f3019_ppc64le",
            "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:c7805561da209665f1dbc9b97d96f710871b067ed349696d90f79d01665e6246_s390x",
            "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:dc3bd18e5efd55497be564ae42a9452195ac7624ae9909ccbd5bf7cd383d1ad7_amd64",
            "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:67fcbb5bbe11d0c676e535ee83a747c27650abda00eca9cb161bb682628b5022_ppc64le",
            "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:73e86d314d4ec1e5ad0a913dd44a627c15fdc0c62c36a792851bee55c09d8771_amd64",
            "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:7496a932300c7f7834b0234c5683dca210b3d160c1c30047daf1c9467bf9c078_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:ce94941d4a1eec73f690087fbabce95ea1a9a51f737e40719dd0e56321f955ad_s390x",
            "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:139132fca36a9dd8ea76d35a380f196ca68493f50a015b4a6fa1041fd8c7ee0a_ppc64le",
            "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:691aed5a56f2f1e2eb6f6d19b6396feacf21e4eb75acb15045a1f2da2acc6f79_amd64",
            "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:a06bec747e5acc847d8b7faec047cded9de6a99859bd42fda5c23e054e87b37f_s390x",
            "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:ede27fe3d22d34edf0900d7eac05082aac0427c85022be6221f816f5c9be4292_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:6ed9a16e0777786d589864dc3adacf9a37987c4b24f06b7972b7bf6d7e3b8b0c_ppc64le",
            "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:9c7c8f54f8a6f04da55322223b214720f88d49fed6e3cdcd958e334ac8d14fa4_amd64",
            "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:aa9d4271e65286c60578ce2e3940071b1379e75a896dba40774163584bab0d5d_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:e354eaee38e6ee546a01812be7662cfe6fb7039b818428dc1f5671193b4c35f6_s390x",
            "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:283b2c4aea7a3030e09d08b150a515f4bb232fbc07f1d960811e665d8fd29802_ppc64le",
            "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:47cd7555c6f9a54b1f075bfc0e0f9256fbaaf01173794d20fab92508e876fd48_s390x",
            "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:d152617edada2d9b9ee5e5f38ac32b44c25fd49932678d6d4c3c18d63242485f_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:e69ccab31cccae506a7ed7518026b0481ca039d748cb1b240556a3d1acfcdb35_amd64",
            "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:1c1a66a2de15c279d1356870e2934e9753a7f8e86f7e9497d4272aac15709de9_ppc64le",
            "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:35d6d28b89a1d5204c42ed11541e267a3876af37b811c0e926ea615f66369668_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:986b1a18efc4f960b23c38b8a6adb588dc1d52cc31be749513cc7d799949481e_s390x",
            "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:f54f897d081552e34679f95efa4627de2b5217232dcfe12d478f02815bb702e9_amd64",
            "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_aarch64",
            "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_ppc64le",
            "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_s390x",
            "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2264336"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A path traversal vulnerability was found in Helm when it saved a chart including download time. When either the Helm client or SDK is used to save a chart whose name is within the Chart.yaml file and includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "helm: Dependency management path traversal",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:233187f8bf152f98cec72512273bf25906ffedbeeeb6bb1a288155707c491dc4_arm64",
          "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:2f28f6449947d6a61a89aba51015d032426ede3518e7fa3a9c2adcbc92f7d02a_amd64",
          "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:327c93cc4b860215ff3eab3561d60ff0fc1be9e5c2d1db9ce3832306018617b4_ppc64le",
          "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:6f398424939e059aeb27ed3178dfc3374a41ffa40b423c2393cbdc6f64ecc965_s390x"
        ],
        "known_not_affected": [
          "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:17ace1adf247a7db77b4efe82550b78a8cac86e4c3b013dba7f40dab24339811_s390x",
          "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:9a2e21c79384af07625ee3633ffe4a5062bd40fc79514ad53fcb732c31f9b3f7_amd64",
          "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:a0426d394fc3c761095ba0a5a950a848a6e28b29a30a028671451d919f6f28f5_arm64",
          "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:c7ae92bf193aae8ff3e5069a9a02f2ee1102022e19d95e0dea95e53d758097d5_ppc64le",
          "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:070f454594088d457a23b131f8e6449e0f71fa91679198d9f0a5c5e83a6bb188_s390x",
          "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:2bff65ef9bd4f321ffdccf569772dd48ee84b9b74d8a00313037884d969eed6b_amd64",
          "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:8d8f74b111ba028ed2a6689dd88ac0a5b17deb04e5a967a95a13a50c5370a7aa_ppc64le",
          "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:fce9b8f74f4aba59a0bfb1a8f29859d5c820da9503209bdcc3ccd48be84c16ba_arm64",
          "8Base-RHOSE-4.15:openshift4/ose-console@sha256:12d6f3d7e2805fb5992778a0aee0541fc3865dadae1c3a0fc62f3d9c032c259c_arm64",
          "8Base-RHOSE-4.15:openshift4/ose-console@sha256:3ac3fe5acafec2f6c6e01ef78b4bf32ee4dfdf4f8b811c1be15461e0b6df83df_amd64",
          "8Base-RHOSE-4.15:openshift4/ose-console@sha256:b26146adbb150acabea098b6724054bc8ed4bc6e75cc08764f6aea855c0b8e08_s390x",
          "8Base-RHOSE-4.15:openshift4/ose-console@sha256:e2c3a4477638754a138f8554a45e7b4158978363350bbfe5c6d96cd813ff8d73_ppc64le",
          "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:2cc3174c2541912cfcadcd8ade47363aa75d4fb80f1a0b712d88ad9fd11eea97_ppc64le",
          "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:98c49783da2d3c39a9ed52fa0d6acc733533c2289f8515d4c448d934d142f6ee_arm64",
          "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:a332609763a558eeae79bcac4bfd208fe444008c699c9890b8341956f4085e71_amd64",
          "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:e0648d8cc1ee89c9378f67c0caf0b15c788094dc7f32d64bc0841f1653d1128b_s390x",
          "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:01e5331395b8eb7ccbf4d180aba82fe8d14d9f512ad1924199bc675ab78a2899_amd64",
          "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:727a08dcaa3bd082b93a5d841a4388d4e60725aeec95962717f7cd5a54b90279_s390x",
          "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:9ceb22a5aa3ad1da243a42e28ffb91c7e08cfd0b05e7df7d295abb33f956c952_ppc64le",
          "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:a0fb1c3965fd4dbd7ca8e54e2ae09337548e60465b6006da50c8a223afc51f55_arm64",
          "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7e827cd3b4c471c8358ba48889091d27570ff677a4694bb97c4b729958b7aa69_arm64",
          "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:88bcc7f5cc252d66079ee7c4ba610910e8ad96c24f22f704977bb835933f3019_ppc64le",
          "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:c7805561da209665f1dbc9b97d96f710871b067ed349696d90f79d01665e6246_s390x",
          "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:dc3bd18e5efd55497be564ae42a9452195ac7624ae9909ccbd5bf7cd383d1ad7_amd64",
          "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:67fcbb5bbe11d0c676e535ee83a747c27650abda00eca9cb161bb682628b5022_ppc64le",
          "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:73e86d314d4ec1e5ad0a913dd44a627c15fdc0c62c36a792851bee55c09d8771_amd64",
          "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:7496a932300c7f7834b0234c5683dca210b3d160c1c30047daf1c9467bf9c078_arm64",
          "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:ce94941d4a1eec73f690087fbabce95ea1a9a51f737e40719dd0e56321f955ad_s390x",
          "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:139132fca36a9dd8ea76d35a380f196ca68493f50a015b4a6fa1041fd8c7ee0a_ppc64le",
          "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:691aed5a56f2f1e2eb6f6d19b6396feacf21e4eb75acb15045a1f2da2acc6f79_amd64",
          "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:a06bec747e5acc847d8b7faec047cded9de6a99859bd42fda5c23e054e87b37f_s390x",
          "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:ede27fe3d22d34edf0900d7eac05082aac0427c85022be6221f816f5c9be4292_arm64",
          "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:6ed9a16e0777786d589864dc3adacf9a37987c4b24f06b7972b7bf6d7e3b8b0c_ppc64le",
          "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:9c7c8f54f8a6f04da55322223b214720f88d49fed6e3cdcd958e334ac8d14fa4_amd64",
          "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:aa9d4271e65286c60578ce2e3940071b1379e75a896dba40774163584bab0d5d_arm64",
          "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:e354eaee38e6ee546a01812be7662cfe6fb7039b818428dc1f5671193b4c35f6_s390x",
          "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:283b2c4aea7a3030e09d08b150a515f4bb232fbc07f1d960811e665d8fd29802_ppc64le",
          "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:47cd7555c6f9a54b1f075bfc0e0f9256fbaaf01173794d20fab92508e876fd48_s390x",
          "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:d152617edada2d9b9ee5e5f38ac32b44c25fd49932678d6d4c3c18d63242485f_arm64",
          "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:e69ccab31cccae506a7ed7518026b0481ca039d748cb1b240556a3d1acfcdb35_amd64",
          "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:1c1a66a2de15c279d1356870e2934e9753a7f8e86f7e9497d4272aac15709de9_ppc64le",
          "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:35d6d28b89a1d5204c42ed11541e267a3876af37b811c0e926ea615f66369668_arm64",
          "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:986b1a18efc4f960b23c38b8a6adb588dc1d52cc31be749513cc7d799949481e_s390x",
          "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:f54f897d081552e34679f95efa4627de2b5217232dcfe12d478f02815bb702e9_amd64",
          "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_aarch64",
          "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_ppc64le",
          "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_s390x",
          "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-25620"
        },
        {
          "category": "external",
          "summary": "RHBZ#2264336",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264336"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-25620",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-25620"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25620",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25620"
        },
        {
          "category": "external",
          "summary": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503",
          "url": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503"
        },
        {
          "category": "external",
          "summary": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r",
          "url": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r"
        }
      ],
      "release_date": "2024-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-03-19T00:19:06+00:00",
          "details": "For OpenShift Container Platform 4.15 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\n      https://docs.openshift.com/container-platform/4.15/release_notes/ocp-4-15-release-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n      The sha values for the release are\n\n      (For x86_64 architecture)\n      The image digest is sha256:8e8c6c2645553e6df8eb7985d8cb322f333a4152453e2aa85fff24ac5e0755b0\n\n      (For s390x architecture)\n      The image digest is sha256:49cbea5ea2c96c976b9fc65f02866b68bd9be1bb26baf3cf2d7127e15e1d0387\n\n      (For ppc64le architecture)\n      The image digest is sha256:49fb1443be745aebe1470ab2ad6c3780ca24169f8b4bd98cd4cc86a375bd72db\n\n      (For aarch64 architecture)\n      The image digest is sha256:83ef2e8dce0f422926447eefb662d47bf91bce8a8f4ea25640561c251c1282ea\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.15/updating/updating_a_cluster/updating-cluster-cli.html",
          "product_ids": [
            "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:233187f8bf152f98cec72512273bf25906ffedbeeeb6bb1a288155707c491dc4_arm64",
            "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:2f28f6449947d6a61a89aba51015d032426ede3518e7fa3a9c2adcbc92f7d02a_amd64",
            "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:327c93cc4b860215ff3eab3561d60ff0fc1be9e5c2d1db9ce3832306018617b4_ppc64le",
            "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:6f398424939e059aeb27ed3178dfc3374a41ffa40b423c2393cbdc6f64ecc965_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:1255"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:17ace1adf247a7db77b4efe82550b78a8cac86e4c3b013dba7f40dab24339811_s390x",
            "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:9a2e21c79384af07625ee3633ffe4a5062bd40fc79514ad53fcb732c31f9b3f7_amd64",
            "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:a0426d394fc3c761095ba0a5a950a848a6e28b29a30a028671451d919f6f28f5_arm64",
            "8Base-RHOSE-4.15:openshift4/ose-cloud-credential-operator@sha256:c7ae92bf193aae8ff3e5069a9a02f2ee1102022e19d95e0dea95e53d758097d5_ppc64le",
            "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:070f454594088d457a23b131f8e6449e0f71fa91679198d9f0a5c5e83a6bb188_s390x",
            "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:2bff65ef9bd4f321ffdccf569772dd48ee84b9b74d8a00313037884d969eed6b_amd64",
            "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:8d8f74b111ba028ed2a6689dd88ac0a5b17deb04e5a967a95a13a50c5370a7aa_ppc64le",
            "8Base-RHOSE-4.15:openshift4/ose-cluster-olm-operator-rhel8@sha256:fce9b8f74f4aba59a0bfb1a8f29859d5c820da9503209bdcc3ccd48be84c16ba_arm64",
            "8Base-RHOSE-4.15:openshift4/ose-console@sha256:12d6f3d7e2805fb5992778a0aee0541fc3865dadae1c3a0fc62f3d9c032c259c_arm64",
            "8Base-RHOSE-4.15:openshift4/ose-console@sha256:3ac3fe5acafec2f6c6e01ef78b4bf32ee4dfdf4f8b811c1be15461e0b6df83df_amd64",
            "8Base-RHOSE-4.15:openshift4/ose-console@sha256:b26146adbb150acabea098b6724054bc8ed4bc6e75cc08764f6aea855c0b8e08_s390x",
            "8Base-RHOSE-4.15:openshift4/ose-console@sha256:e2c3a4477638754a138f8554a45e7b4158978363350bbfe5c6d96cd813ff8d73_ppc64le",
            "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:2cc3174c2541912cfcadcd8ade47363aa75d4fb80f1a0b712d88ad9fd11eea97_ppc64le",
            "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:98c49783da2d3c39a9ed52fa0d6acc733533c2289f8515d4c448d934d142f6ee_arm64",
            "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:a332609763a558eeae79bcac4bfd208fe444008c699c9890b8341956f4085e71_amd64",
            "8Base-RHOSE-4.15:openshift4/ose-machine-config-operator@sha256:e0648d8cc1ee89c9378f67c0caf0b15c788094dc7f32d64bc0841f1653d1128b_s390x",
            "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:233187f8bf152f98cec72512273bf25906ffedbeeeb6bb1a288155707c491dc4_arm64",
            "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:2f28f6449947d6a61a89aba51015d032426ede3518e7fa3a9c2adcbc92f7d02a_amd64",
            "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:327c93cc4b860215ff3eab3561d60ff0fc1be9e5c2d1db9ce3832306018617b4_ppc64le",
            "8Base-RHOSE-4.15:openshift4/ose-olm-rukpak-rhel8@sha256:6f398424939e059aeb27ed3178dfc3374a41ffa40b423c2393cbdc6f64ecc965_s390x",
            "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:01e5331395b8eb7ccbf4d180aba82fe8d14d9f512ad1924199bc675ab78a2899_amd64",
            "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:727a08dcaa3bd082b93a5d841a4388d4e60725aeec95962717f7cd5a54b90279_s390x",
            "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:9ceb22a5aa3ad1da243a42e28ffb91c7e08cfd0b05e7df7d295abb33f956c952_ppc64le",
            "8Base-RHOSE-4.15:openshift4/ose-tests@sha256:a0fb1c3965fd4dbd7ca8e54e2ae09337548e60465b6006da50c8a223afc51f55_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7e827cd3b4c471c8358ba48889091d27570ff677a4694bb97c4b729958b7aa69_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:88bcc7f5cc252d66079ee7c4ba610910e8ad96c24f22f704977bb835933f3019_ppc64le",
            "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:c7805561da209665f1dbc9b97d96f710871b067ed349696d90f79d01665e6246_s390x",
            "9Base-RHOSE-4.15:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:dc3bd18e5efd55497be564ae42a9452195ac7624ae9909ccbd5bf7cd383d1ad7_amd64",
            "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:67fcbb5bbe11d0c676e535ee83a747c27650abda00eca9cb161bb682628b5022_ppc64le",
            "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:73e86d314d4ec1e5ad0a913dd44a627c15fdc0c62c36a792851bee55c09d8771_amd64",
            "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:7496a932300c7f7834b0234c5683dca210b3d160c1c30047daf1c9467bf9c078_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-hyperkube-rhel9@sha256:ce94941d4a1eec73f690087fbabce95ea1a9a51f737e40719dd0e56321f955ad_s390x",
            "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:139132fca36a9dd8ea76d35a380f196ca68493f50a015b4a6fa1041fd8c7ee0a_ppc64le",
            "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:691aed5a56f2f1e2eb6f6d19b6396feacf21e4eb75acb15045a1f2da2acc6f79_amd64",
            "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:a06bec747e5acc847d8b7faec047cded9de6a99859bd42fda5c23e054e87b37f_s390x",
            "9Base-RHOSE-4.15:openshift4/ose-hypershift-rhel9@sha256:ede27fe3d22d34edf0900d7eac05082aac0427c85022be6221f816f5c9be4292_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:6ed9a16e0777786d589864dc3adacf9a37987c4b24f06b7972b7bf6d7e3b8b0c_ppc64le",
            "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:9c7c8f54f8a6f04da55322223b214720f88d49fed6e3cdcd958e334ac8d14fa4_amd64",
            "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:aa9d4271e65286c60578ce2e3940071b1379e75a896dba40774163584bab0d5d_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-openshift-controller-manager-rhel9@sha256:e354eaee38e6ee546a01812be7662cfe6fb7039b818428dc1f5671193b4c35f6_s390x",
            "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:283b2c4aea7a3030e09d08b150a515f4bb232fbc07f1d960811e665d8fd29802_ppc64le",
            "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:47cd7555c6f9a54b1f075bfc0e0f9256fbaaf01173794d20fab92508e876fd48_s390x",
            "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:d152617edada2d9b9ee5e5f38ac32b44c25fd49932678d6d4c3c18d63242485f_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-pod-rhel9@sha256:e69ccab31cccae506a7ed7518026b0481ca039d748cb1b240556a3d1acfcdb35_amd64",
            "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:1c1a66a2de15c279d1356870e2934e9753a7f8e86f7e9497d4272aac15709de9_ppc64le",
            "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:35d6d28b89a1d5204c42ed11541e267a3876af37b811c0e926ea615f66369668_arm64",
            "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:986b1a18efc4f960b23c38b8a6adb588dc1d52cc31be749513cc7d799949481e_s390x",
            "9Base-RHOSE-4.15:openshift4/ose-sdn-rhel9@sha256:f54f897d081552e34679f95efa4627de2b5217232dcfe12d478f02815bb702e9_amd64",
            "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_aarch64",
            "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_ppc64le",
            "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_s390x",
            "9Base-RHOSE-4.15:rhcos@sha256:61752974681ea423d76d1c0c55c3626a6d7a90bccea1958071674057c01a8c38_x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "helm: Dependency management path traversal"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-25620 (GCVE-0-2024-25620)

Vulnerability from bitnami_vulndb

Solutions

Impact

Patches

Workarounds

Credits

Tags

Sightings

Nomenclature