RHEA-2025:0507
Vulnerability from csaf_redhat - Published: 2025-01-21 12:46 - Updated: 2025-12-02 08:25Summary
Red Hat Enhancement Advisory: Advisory for publishing Helm 3.15.4 GA release
Notes
Topic
GA release of Helm 3.15.4 for OpenShift Container Platform 4.17 version.
Details
This errata advisory is for publishing the GA release of Helm 3.15.4 for OpenShift Container Platform 4.17 version.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "GA release of Helm 3.15.4 for OpenShift Container Platform 4.17 version.",
"title": "Topic"
},
{
"category": "general",
"text": "This errata advisory is for publishing the GA release of Helm 3.15.4 for OpenShift Container Platform 4.17 version.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHEA-2025:0507",
"url": "https://access.redhat.com/errata/RHEA-2025:0507"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/latest/applications/working_with_helm_charts/installing-helm.html",
"url": "https://docs.openshift.com/container-platform/latest/applications/working_with_helm_charts/installing-helm.html"
},
{
"category": "external",
"summary": "DPROD-391",
"url": "https://issues.redhat.com/browse/DPROD-391"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhea-2025_0507.json"
}
],
"title": "Red Hat Enhancement Advisory: Advisory for publishing Helm 3.15.4 GA release",
"tracking": {
"current_release_date": "2025-12-02T08:25:25+00:00",
"generator": {
"date": "2025-12-02T08:25:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHEA-2025:0507",
"initial_release_date": "2025-01-21T12:46:18+00:00",
"revision_history": [
{
"date": "2025-01-21T12:46:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-01-21T12:46:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-02T08:25:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.17",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.17",
"product_id": "9Base-OCP-Tools-4.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.17::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-0:3.15.4-60.el9.src",
"product": {
"name": "helm-0:3.15.4-60.el9.src",
"product_id": "helm-0:3.15.4-60.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/helm@3.15.4-60.el9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-0:3.15.4-60.el9.aarch64",
"product": {
"name": "helm-0:3.15.4-60.el9.aarch64",
"product_id": "helm-0:3.15.4-60.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/helm@3.15.4-60.el9?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-0:3.15.4-60.el9.ppc64le",
"product": {
"name": "helm-0:3.15.4-60.el9.ppc64le",
"product_id": "helm-0:3.15.4-60.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/helm@3.15.4-60.el9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-0:3.15.4-60.el9.s390x",
"product": {
"name": "helm-0:3.15.4-60.el9.s390x",
"product_id": "helm-0:3.15.4-60.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/helm@3.15.4-60.el9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-0:3.15.4-60.el9.x86_64",
"product": {
"name": "helm-0:3.15.4-60.el9.x86_64",
"product_id": "helm-0:3.15.4-60.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/helm@3.15.4-60.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "helm-redistributable-0:3.15.4-60.el9.x86_64",
"product": {
"name": "helm-redistributable-0:3.15.4-60.el9.x86_64",
"product_id": "helm-redistributable-0:3.15.4-60.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/helm-redistributable@3.15.4-60.el9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-0:3.15.4-60.el9.aarch64 as a component of OpenShift Developer Tools and Services for OCP 4.17",
"product_id": "9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.aarch64"
},
"product_reference": "helm-0:3.15.4-60.el9.aarch64",
"relates_to_product_reference": "9Base-OCP-Tools-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-0:3.15.4-60.el9.ppc64le as a component of OpenShift Developer Tools and Services for OCP 4.17",
"product_id": "9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.ppc64le"
},
"product_reference": "helm-0:3.15.4-60.el9.ppc64le",
"relates_to_product_reference": "9Base-OCP-Tools-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-0:3.15.4-60.el9.s390x as a component of OpenShift Developer Tools and Services for OCP 4.17",
"product_id": "9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.s390x"
},
"product_reference": "helm-0:3.15.4-60.el9.s390x",
"relates_to_product_reference": "9Base-OCP-Tools-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-0:3.15.4-60.el9.src as a component of OpenShift Developer Tools and Services for OCP 4.17",
"product_id": "9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.src"
},
"product_reference": "helm-0:3.15.4-60.el9.src",
"relates_to_product_reference": "9Base-OCP-Tools-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-0:3.15.4-60.el9.x86_64 as a component of OpenShift Developer Tools and Services for OCP 4.17",
"product_id": "9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.x86_64"
},
"product_reference": "helm-0:3.15.4-60.el9.x86_64",
"relates_to_product_reference": "9Base-OCP-Tools-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-redistributable-0:3.15.4-60.el9.x86_64 as a component of OpenShift Developer Tools and Services for OCP 4.17",
"product_id": "9Base-OCP-Tools-4.17:helm-redistributable-0:3.15.4-60.el9.x86_64"
},
"product_reference": "helm-redistributable-0:3.15.4-60.el9.x86_64",
"relates_to_product_reference": "9Base-OCP-Tools-4.17"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-24788",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2279814"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: malformed DNS message can cause infinite loop",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to ensure the most restrictive setting needed for operational requirements. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention. This process ensures that audit logs are generated for specific events involving sensitive information, enabling capabilities like excessive CPU usage, long execution times, or processes consuming abnormal amounts of memory. Static code analysis and peer code review techniques are used to execute robust input validation and error-handling mechanisms to ensure all user inputs are thoroughly validated, preventing infinite loops caused by malformed or unexpected input, such as unbounded user input or unexpected null values that cause loops to never terminate. In the event of successful exploitation, process isolation limits the effect of an infinite loop to a single process rather than allowing it to consume all system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.aarch64",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.ppc64le",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.s390x",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.src",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.x86_64",
"9Base-OCP-Tools-4.17:helm-redistributable-0:3.15.4-60.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24788"
},
{
"category": "external",
"summary": "RHBZ#2279814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2824",
"url": "https://pkg.go.dev/vuln/GO-2024-2824"
}
],
"release_date": "2024-05-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-21T12:46:18+00:00",
"details": "Ensuring that the binaries for Helm are available for use to the customers/users. Follow the instructions linked in the References section to download the binaries for Helm and use them.",
"product_ids": [
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.aarch64",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.ppc64le",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.s390x",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.src",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.x86_64",
"9Base-OCP-Tools-4.17:helm-redistributable-0:3.15.4-60.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2025:0507"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.aarch64",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.ppc64le",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.s390x",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.src",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.x86_64",
"9Base-OCP-Tools-4.17:helm-redistributable-0:3.15.4-60.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.aarch64",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.ppc64le",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.s390x",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.src",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.x86_64",
"9Base-OCP-Tools-4.17:helm-redistributable-0:3.15.4-60.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: malformed DNS message can cause infinite loop"
},
{
"cve": "CVE-2024-24789",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Incorrect handling of certain ZIP files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-20: Improper Input Validation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces the principle of least functionality, ensuring that only essential features, services, and ports are enabled. This minimizes the number of components that could be affected by input validation vulnerabilities. Security testing and evaluation standards are implemented within the environment to rigorously test input validation mechanisms during the development lifecycle, while static code analysis identifies potential input validation vulnerabilities by default. Process isolation ensures that processes handling potentially malicious or unvalidated inputs run in isolated environments by separating execution domains for each process. Malicious code protections, such as IPS/IDS and antimalware solutions, help detect and mitigate malicious payloads stemming from input validation vulnerabilities. Finally, robust input validation and error-handling mechanisms ensure all user inputs are thoroughly validated, preventing improperly validated inputs from causing system instability, exposing sensitive data, or escalating risks further.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.aarch64",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.ppc64le",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.s390x",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.src",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.x86_64",
"9Base-OCP-Tools-4.17:helm-redistributable-0:3.15.4-60.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24789"
},
{
"category": "external",
"summary": "RHBZ#2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-21T12:46:18+00:00",
"details": "Ensuring that the binaries for Helm are available for use to the customers/users. Follow the instructions linked in the References section to download the binaries for Helm and use them.",
"product_ids": [
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.aarch64",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.ppc64le",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.s390x",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.src",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.x86_64",
"9Base-OCP-Tools-4.17:helm-redistributable-0:3.15.4-60.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2025:0507"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.aarch64",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.ppc64le",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.s390x",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.src",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.x86_64",
"9Base-OCP-Tools-4.17:helm-redistributable-0:3.15.4-60.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Incorrect handling of certain ZIP files"
},
{
"cve": "CVE-2024-24790",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292787"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn\u0027t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-115: Misinterpretation of Input vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nControls such as input validation and error handling mitigate input misinterpretation risks by enforcing strict validation rules and secure error management. Error handling ensures inputs are validated against predefined formats, preventing malformed data from being misinterpreted. Techniques like strong typing, allow listing, and proper encoding reduce the likelihood of injection attacks and unintended code execution. Input validation also ensures that errors do not expose sensitive system details or cause unpredictable behavior. Secure error handling prevents information leakage through detailed error messages while preserving system stability under malformed input conditions. Together, these controls reduce the attack surface by maintaining consistent input processing and preventing exploitable system states, strengthening the overall security posture.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.aarch64",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.ppc64le",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.s390x",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.src",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.x86_64",
"9Base-OCP-Tools-4.17:helm-redistributable-0:3.15.4-60.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24790"
},
{
"category": "external",
"summary": "RHBZ#2292787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-21T12:46:18+00:00",
"details": "Ensuring that the binaries for Helm are available for use to the customers/users. Follow the instructions linked in the References section to download the binaries for Helm and use them.",
"product_ids": [
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.aarch64",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.ppc64le",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.s390x",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.src",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.x86_64",
"9Base-OCP-Tools-4.17:helm-redistributable-0:3.15.4-60.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2025:0507"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.aarch64",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.ppc64le",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.s390x",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.src",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.x86_64",
"9Base-OCP-Tools-4.17:helm-redistributable-0:3.15.4-60.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.aarch64",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.ppc64le",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.s390x",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.src",
"9Base-OCP-Tools-4.17:helm-0:3.15.4-60.el9.x86_64",
"9Base-OCP-Tools-4.17:helm-redistributable-0:3.15.4-60.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…