SUSE-SU-2026:1483-1

Details

This update for helm fixes the following issues:

CVE-2025-55199: crafted JSON Schema can lead to out of memory (OOM) termination (bsc#1248093).
CVE-2026-35206: files written to unexpected directory via specially crafted Chart(bsc#1261938).

Changes for helm:

Affected Packages

helm

SUSE Linux Enterprise Micro 5.5SUSE Linux Enterprise Module for Containers 15 SP7SUSE Linux Enterprise Module for Package Hub 15 SP7

Fixed in:

3.20.2-150000.1.71.2

helm-bash-completion

SUSE Linux Enterprise Micro 5.5SUSE Linux Enterprise Module for Containers 15 SP7

Fixed in:

3.20.2-150000.1.71.2

helm-zsh-completion

SUSE Linux Enterprise Module for Containers 15 SP7

Fixed in:

3.20.2-150000.1.71.2

helm-fish-completion

SUSE Linux Enterprise Module for Package Hub 15 SP7

Fixed in:

3.20.2-150000.1.71.2

References