Comments (3)
It is unclear what is being asked of Helm here. The "Fix Status" column seems to explains the status?
from helm.
Updating vulnerability table details for more details,the issue seems to be reported for ,few go binaries/packages used in latest helm packages.but the CVEs have already been fixed in the official "go" related binaries/packages. That is the "Fix Status" referred there.is it possible to incorporate the "go" related binaries to the the same fix version in Helm.
from helm.
This looks like a list of CVEs that have already been fixed so it doesn't seem like there is anything to do.
@5-sk Did you look at the CVE links?
For example GHSA-v53g-5gjp-272r says "This issue has been resolved in Helm v3.14.1."
They have all been resolved. Also one of them GHSA-p2g7-xwvr-rrw3 appears to be a vulnerability in FluxCD, not Helm. So I think the issue can be closed.
The most recent major version of Helm is 3.14 https://github.com/helm/helm/releases/tag/v3.14.0 and it uses go 1.21.
from helm.
Related Issues (20)
- helm repo proxy redirecting HOT 3
- Helm Lookup as a CLI option for values HOT 3
- go package for validate a values.yaml from a values.schema.json HOT 1
- Enhancement: Allow deep overriding of Values in a list using `-f values.yaml` the way it works with `--set` HOT 3
- Helm silently fails when templating/installing different versions of the same chart name. HOT 1
- Helm incorrect processes nodeSelecto with GPU Nodes HOT 1
- add / update Supported Kubernetes Versions page to have 3.15 version HOT 1
- Helm CLI should add "helm sink" to uninstall HOT 1
- Upgrade release with helm SDK got error: cannot patch "xxxx-deploy" with kind Deployment HOT 1
- Helm rollback with mismatch in resources with original and target revisions raises error. HOT 1
- can't use range inside library chart defined template in helm HOT 2
- helm upgrade --install Command Deletes All The Resources in Existing Release HOT 4
- Provide methods to disable OCI feature HOT 5
- In Helm 3.9, Default Values Were Used for Subcharts, But Helm 3.15 Raises Nil Pointer Error When Accessing Unset Values HOT 1
- wrong kubeversion detected HOT 6
- RFE: Support for multi-document values files HOT 7
- Warnings: Use tokens from the TokenRequest API or manually created secret-based tokens instead of auto-generated secret-based tokens. HOT 2
- Get more debug informations about why and upgrade failed with "release: already exists" HOT 2
- helm no strict version checking for dependencies
- templating is slower when using dependencies with tagged version HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from helm.