Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion
Vulnerability Description
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory (OOM) termination. This issue has been resolved in Helm 3.18.5. A workaround involves ensuring all Helm charts that are being loaded into Helm do not have any reference of $ref pointing to /dev/zero.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Helm 安全漏洞
Vulnerability Description
Helm是CNCF基金会的一款Kubernetes包管理器。 Helm 3.18.5之前版本存在安全漏洞,该漏洞源于JSON Schema文件处理不当,可能导致内存耗尽。
CVSS Information
N/A
Vulnerability Type
N/A