All the vulnerabilites related to helm - Helm
cve-2019-1010275
Vulnerability from cvelistv5
Published
2019-07-17 20:14
Modified
2024-08-05 03:07
Severity ?
EPSS score ?
Summary
helm Before 2.7.2 is affected by: CWE-295: Improper Certificate Validation. The impact is: Unauthorized clients could connect to the server because self-signed client certs were aloowed. The component is: helm (many files updated, see https://github.com/helm/helm/pull/3152/files/1096813bf9a425e2aa4ac755b6c991b626dfab50). The attack vector is: A malicious client could connect to the server over the network. The fixed version is: 2.7.2.
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/releases/tag/v2.7.2 | x_refsource_MISC | |
https://github.com/helm/helm/pull/3152 | x_refsource_MISC | |
https://github.com/helm/helm/pull/3152/files/1096813bf9a425e2aa4ac755b6c991b626dfab50 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T03:07:18.493Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/releases/tag/v2.7.2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/pull/3152" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/pull/3152/files/1096813bf9a425e2aa4ac755b6c991b626dfab50" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "Before 2.7.2 [fixed: 2.7.2]" } ] } ], "descriptions": [ { "lang": "en", "value": "helm Before 2.7.2 is affected by: CWE-295: Improper Certificate Validation. The impact is: Unauthorized clients could connect to the server because self-signed client certs were aloowed. The component is: helm (many files updated, see https://github.com/helm/helm/pull/3152/files/1096813bf9a425e2aa4ac755b6c991b626dfab50). The attack vector is: A malicious client could connect to the server over the network. The fixed version is: 2.7.2." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-295", "description": "CWE-295: Improper Certificate Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-07-17T20:14:50", "orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "shortName": "dwf" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/releases/tag/v2.7.2" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/pull/3152" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/pull/3152/files/1096813bf9a425e2aa4ac755b6c991b626dfab50" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010275", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "helm", "version": { "version_data": [ { "version_value": "Before 2.7.2 [fixed: 2.7.2]" } ] } } ] }, "vendor_name": "helm" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "helm Before 2.7.2 is affected by: CWE-295: Improper Certificate Validation. The impact is: Unauthorized clients could connect to the server because self-signed client certs were aloowed. The component is: helm (many files updated, see https://github.com/helm/helm/pull/3152/files/1096813bf9a425e2aa4ac755b6c991b626dfab50). The attack vector is: A malicious client could connect to the server over the network. The fixed version is: 2.7.2." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-295: Improper Certificate Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/helm/helm/releases/tag/v2.7.2", "refsource": "MISC", "url": "https://github.com/helm/helm/releases/tag/v2.7.2" }, { "name": "https://github.com/helm/helm/pull/3152", "refsource": "MISC", "url": "https://github.com/helm/helm/pull/3152" }, { "name": "https://github.com/helm/helm/pull/3152/files/1096813bf9a425e2aa4ac755b6c991b626dfab50", "refsource": "MISC", "url": "https://github.com/helm/helm/pull/3152/files/1096813bf9a425e2aa4ac755b6c991b626dfab50" } ] } } } }, "cveMetadata": { "assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "assignerShortName": "dwf", "cveId": "CVE-2019-1010275", "datePublished": "2019-07-17T20:14:50", "dateReserved": "2019-03-20T00:00:00", "dateUpdated": "2024-08-05T03:07:18.493Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-15185
Vulnerability from cvelistv5
Published
2020-09-17 21:30
Modified
2024-08-04 13:08
Severity ?
EPSS score ?
Summary
Duplicated chart entries in Helm
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-jm56-5h66-w453 | x_refsource_CONFIRM | |
https://github.com/helm/helm/commit/055dd41cbe53ce131ab0357524a7f6729e6e40dc | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T13:08:22.474Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-jm56-5h66-w453" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/commit/055dd41cbe53ce131ab0357524a7f6729e6e40dc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003e= 2.0.0, \u003c 2.16.11" }, { "status": "affected", "version": "\u003e= 3.0.0, \u003c 3.3.2" } ] } ], "descriptions": [ { "lang": "en", "value": "In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker must have write access to the index file (which can occur during a MITM attack on a non-SSL connection). This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review the index file in the Helm repository cache before installing software." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-694", "description": "{\"CWE-694\":\"Use of Multiple Resources with Duplicate Identifier\"}", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-74", "description": "{\"CWE-74\":\"Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)\"}", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-09-17T21:30:13", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-jm56-5h66-w453" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/055dd41cbe53ce131ab0357524a7f6729e6e40dc" } ], "source": { "advisory": "GHSA-jm56-5h66-w453", "discovery": "UNKNOWN" }, "title": "Duplicated chart entries in Helm", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-15185", "STATE": "PUBLIC", "TITLE": "Duplicated chart entries in Helm" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "helm", "version": { "version_data": [ { "version_value": "\u003e= 2.0.0, \u003c 2.16.11" }, { "version_value": "\u003e= 3.0.0, \u003c 3.3.2" } ] } } ] }, "vendor_name": "helm" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker must have write access to the index file (which can occur during a MITM attack on a non-SSL connection). This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review the index file in the Helm repository cache before installing software." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "{\"CWE-694\":\"Use of Multiple Resources with Duplicate Identifier\"}" } ] }, { "description": [ { "lang": "eng", "value": "{\"CWE-74\":\"Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)\"}" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-jm56-5h66-w453", "refsource": "CONFIRM", "url": "https://github.com/helm/helm/security/advisories/GHSA-jm56-5h66-w453" }, { "name": "https://github.com/helm/helm/commit/055dd41cbe53ce131ab0357524a7f6729e6e40dc", "refsource": "MISC", "url": "https://github.com/helm/helm/commit/055dd41cbe53ce131ab0357524a7f6729e6e40dc" } ] }, "source": { "advisory": "GHSA-jm56-5h66-w453", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-15185", "datePublished": "2020-09-17T21:30:13", "dateReserved": "2020-06-25T00:00:00", "dateUpdated": "2024-08-04T13:08:22.474Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-23525
Vulnerability from cvelistv5
Published
2022-12-15 00:38
Modified
2024-08-03 03:43
Severity ?
EPSS score ?
Summary
Helm vulnerable to Denial of service via NULL Pointer Dereference
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-53c4-hhmh-vw5q | x_refsource_CONFIRM | |
https://github.com/helm/helm/commit/638ebffbc2e445156f3978f02fd83d9af1e56f5b | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:43:46.542Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-53c4-hhmh-vw5q", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-53c4-hhmh-vw5q" }, { "name": "https://github.com/helm/helm/commit/638ebffbc2e445156f3978f02fd83d9af1e56f5b", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/commit/638ebffbc2e445156f3978f02fd83d9af1e56f5b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003c v3.10.3" } ] } ], "descriptions": [ { "lang": "en", "value": "Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the _repo_package. The _repo_ package contains a handler that processes the index file of a repository. For example, the Helm client adds references to chart repositories where charts are managed. The _repo_ package parses the index file of the repository and loads it into structures Go can work with. Some index files can cause array data structures to be created causing a memory violation. Applications that use the _repo_ package in the Helm SDK to parse an index file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. The Helm Client will panic with an index file that causes a memory violation panic. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate index files that are correctly formatted before passing them to the _repo_ functions." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476: NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-15T00:38:09.873Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-53c4-hhmh-vw5q", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-53c4-hhmh-vw5q" }, { "name": "https://github.com/helm/helm/commit/638ebffbc2e445156f3978f02fd83d9af1e56f5b", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/638ebffbc2e445156f3978f02fd83d9af1e56f5b" } ], "source": { "advisory": "GHSA-53c4-hhmh-vw5q", "discovery": "UNKNOWN" }, "title": "Helm vulnerable to Denial of service via NULL Pointer Dereference" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-23525", "datePublished": "2022-12-15T00:38:09.873Z", "dateReserved": "2022-01-19T21:23:53.783Z", "dateUpdated": "2024-08-03T03:43:46.542Z", "requesterUserId": "c184a3d9-dc98-4c48-a45b-d2d88cf0ac74", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-18658
Vulnerability from cvelistv5
Published
2019-11-12 13:20
Modified
2024-08-05 01:54
Severity ?
EPSS score ?
Summary
In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc/passwd, or to execute a denial of service (DoS) via a special file such as /dev/urandom, via symlinks. No version of Tiller is known to be impacted. This is a client-only issue.
References
▼ | URL | Tags |
---|---|---|
https://helm.sh/blog/2019-10-30-helm-symlink-security-notice/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:54:14.598Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helm.sh/blog/2019-10-30-helm-symlink-security-notice/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc/passwd, or to execute a denial of service (DoS) via a special file such as /dev/urandom, via symlinks. No version of Tiller is known to be impacted. This is a client-only issue." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-11-12T13:20:13", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://helm.sh/blog/2019-10-30-helm-symlink-security-notice/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-18658", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc/passwd, or to execute a denial of service (DoS) via a special file such as /dev/urandom, via symlinks. No version of Tiller is known to be impacted. This is a client-only issue." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://helm.sh/blog/2019-10-30-helm-symlink-security-notice/", "refsource": "MISC", "url": "https://helm.sh/blog/2019-10-30-helm-symlink-security-notice/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-18658", "datePublished": "2019-11-12T13:20:13", "dateReserved": "2019-10-31T00:00:00", "dateUpdated": "2024-08-05T01:54:14.598Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-32690
Vulnerability from cvelistv5
Published
2021-06-16 22:10
Modified
2024-08-03 23:25
Severity ?
EPSS score ?
Summary
Repository credentials passed to alternate domain
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-56hp-xqp3-w2jf | x_refsource_CONFIRM | |
https://github.com/helm/helm/releases/tag/v3.6.1 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:25:31.090Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-56hp-xqp3-w2jf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/releases/tag/v3.6.1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003c 3.6.1" } ] } ], "descriptions": [ { "lang": "en", "value": "Helm is a tool for managing Charts (packages of pre-configured Kubernetes resources). In versions of helm prior to 3.6.1, a vulnerability exists where the username and password credentials associated with a Helm repository could be passed on to another domain referenced by that Helm repository. This issue has been resolved in 3.6.1. There is a workaround through which one may check for improperly passed credentials. One may use a username and password for a Helm repository and may audit the Helm repository in order to check for another domain being used that could have received the credentials. In the `index.yaml` file for that repository, one may look for another domain in the `urls` list for the chart versions. If there is another domain found and that chart version was pulled or installed, the credentials would be passed on." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-16T22:10:10", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-56hp-xqp3-w2jf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/releases/tag/v3.6.1" } ], "source": { "advisory": "GHSA-56hp-xqp3-w2jf", "discovery": "UNKNOWN" }, "title": "Repository credentials passed to alternate domain", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-32690", "STATE": "PUBLIC", "TITLE": "Repository credentials passed to alternate domain" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "helm", "version": { "version_data": [ { "version_value": "\u003c 3.6.1" } ] } } ] }, "vendor_name": "helm" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Helm is a tool for managing Charts (packages of pre-configured Kubernetes resources). In versions of helm prior to 3.6.1, a vulnerability exists where the username and password credentials associated with a Helm repository could be passed on to another domain referenced by that Helm repository. This issue has been resolved in 3.6.1. There is a workaround through which one may check for improperly passed credentials. One may use a username and password for a Helm repository and may audit the Helm repository in order to check for another domain being used that could have received the credentials. In the `index.yaml` file for that repository, one may look for another domain in the `urls` list for the chart versions. If there is another domain found and that chart version was pulled or installed, the credentials would be passed on." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-56hp-xqp3-w2jf", "refsource": "CONFIRM", "url": "https://github.com/helm/helm/security/advisories/GHSA-56hp-xqp3-w2jf" }, { "name": "https://github.com/helm/helm/releases/tag/v3.6.1", "refsource": "MISC", "url": "https://github.com/helm/helm/releases/tag/v3.6.1" } ] }, "source": { "advisory": "GHSA-56hp-xqp3-w2jf", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-32690", "datePublished": "2021-06-16T22:10:10", "dateReserved": "2021-05-12T00:00:00", "dateUpdated": "2024-08-03T23:25:31.090Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-15186
Vulnerability from cvelistv5
Published
2020-09-17 21:40
Modified
2024-08-04 13:08
Severity ?
EPSS score ?
Summary
Improper sanitization of plugin names in Helm
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-m54r-vrmv-hw33 | x_refsource_CONFIRM | |
https://github.com/helm/helm/commit/809e2d999e2c33e20e77f6bff30652d79c287542 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T13:08:22.480Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-m54r-vrmv-hw33" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/commit/809e2d999e2c33e20e77f6bff30652d79c287542" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003e= 2.0.0, \u003c 2.16.11" }, { "status": "affected", "version": "\u003e= 3.0.0, \u003c 3.3.2" } ] } ], "descriptions": [ { "lang": "en", "value": "In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to `helm --help`. This issue has been patched in Helm 3.3.2. A possible workaround is to not install untrusted Helm plugins. Examine the `name` field in the `plugin.yaml` file for a plugin, looking for characters outside of the [a-zA-Z0-9._-] range." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.4, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "{\"CWE-20\":\"Improper Input Validation\"}", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-09-17T21:40:13", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-m54r-vrmv-hw33" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/809e2d999e2c33e20e77f6bff30652d79c287542" } ], "source": { "advisory": "GHSA-m54r-vrmv-hw33", "discovery": "UNKNOWN" }, "title": "Improper sanitization of plugin names in Helm", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-15186", "STATE": "PUBLIC", "TITLE": "Improper sanitization of plugin names in Helm" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "helm", "version": { "version_data": [ { "version_value": "\u003e= 2.0.0, \u003c 2.16.11" }, { "version_value": "\u003e= 3.0.0, \u003c 3.3.2" } ] } } ] }, "vendor_name": "helm" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to `helm --help`. This issue has been patched in Helm 3.3.2. A possible workaround is to not install untrusted Helm plugins. Examine the `name` field in the `plugin.yaml` file for a plugin, looking for characters outside of the [a-zA-Z0-9._-] range." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.4, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "{\"CWE-20\":\"Improper Input Validation\"}" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-m54r-vrmv-hw33", "refsource": "CONFIRM", "url": "https://github.com/helm/helm/security/advisories/GHSA-m54r-vrmv-hw33" }, { "name": "https://github.com/helm/helm/commit/809e2d999e2c33e20e77f6bff30652d79c287542", "refsource": "MISC", "url": "https://github.com/helm/helm/commit/809e2d999e2c33e20e77f6bff30652d79c287542" } ] }, "source": { "advisory": "GHSA-m54r-vrmv-hw33", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-15186", "datePublished": "2020-09-17T21:40:13", "dateReserved": "2020-06-25T00:00:00", "dateUpdated": "2024-08-04T13:08:22.480Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-25165
Vulnerability from cvelistv5
Published
2023-02-08 19:07
Modified
2024-08-02 11:18
Severity ?
EPSS score ?
Summary
getHostByName Function Information Disclosure
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-pwcw-6f5g-gxf8 | x_refsource_CONFIRM | |
https://github.com/helm/helm/commit/5abcf74227bfe8e5a3dbf105fe62e7b12deb58d2 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:18:35.855Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-pwcw-6f5g-gxf8", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-pwcw-6f5g-gxf8" }, { "name": "https://github.com/helm/helm/commit/5abcf74227bfe8e5a3dbf105fe62e7b12deb58d2", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/commit/5abcf74227bfe8e5a3dbf105fe62e7b12deb58d2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003e= 3.0.0, \u003c 3.11.1" } ] } ], "descriptions": [ { "lang": "en", "value": "Helm is a tool that streamlines installing and managing Kubernetes applications.`getHostByName` is a Helm template function introduced in Helm v3. The function is able to accept a hostname and return an IP address for that hostname. To get the IP address the function performs a DNS lookup. The DNS lookup happens when used with `helm install|upgrade|template` or when the Helm SDK is used to render a chart. Information passed into the chart can be disclosed to the DNS servers used to lookup the IP address. For example, a malicious chart could inject `getHostByName` into a chart in order to disclose values to a malicious DNS server. The issue has been fixed in Helm 3.11.1. Prior to using a chart with Helm verify the `getHostByName` function is not being used in a template to disclose any information you do not want passed to DNS servers." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-08T19:07:14.089Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-pwcw-6f5g-gxf8", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-pwcw-6f5g-gxf8" }, { "name": "https://github.com/helm/helm/commit/5abcf74227bfe8e5a3dbf105fe62e7b12deb58d2", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/5abcf74227bfe8e5a3dbf105fe62e7b12deb58d2" } ], "source": { "advisory": "GHSA-pwcw-6f5g-gxf8", "discovery": "UNKNOWN" }, "title": "getHostByName Function Information Disclosure" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-25165", "datePublished": "2023-02-08T19:07:14.089Z", "dateReserved": "2023-02-03T16:59:18.246Z", "dateUpdated": "2024-08-02T11:18:35.855Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-11013
Vulnerability from cvelistv5
Published
2020-04-24 20:05
Modified
2024-08-04 11:21
Severity ?
EPSS score ?
Summary
lookup Function Information Discolosure in Helm
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-q8q8-93cv-v6h8 | x_refsource_CONFIRM | |
https://github.com/helm/helm/releases/tag/v3.2.0 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:21:14.350Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-q8q8-93cv-v6h8" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/releases/tag/v3.2.0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003e= 3.1.0, \u003c 3.2.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Their is an information disclosure vulnerability in Helm from version 3.1.0 and before version 3.2.0. `lookup` is a Helm template function introduced in Helm v3. It is able to lookup resources in the cluster to check for the existence of specific resources and get details about them. This can be used as part of the process to render templates. The documented behavior of `helm template` states that it does not attach to a remote cluster. However, a the recently added `lookup` template function circumvents this restriction and connects to the cluster even during `helm template` and `helm install|update|delete|rollback --dry-run`. The user is not notified of this behavior. Running `helm template` should not make calls to a cluster. This is different from `install`, which is presumed to have access to a cluster in order to load resources into Kubernetes. Helm 2 is unaffected by this vulnerability. A malicious chart author could inject a `lookup` into a chart that, when rendered through `helm template`, performs unannounced lookups against the cluster a user\u0026#39;s `KUBECONFIG` file points to. This information can then be disclosed via the output of `helm template`. This issue has been fixed in Helm 3.2.0" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-24T20:05:15", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-q8q8-93cv-v6h8" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/releases/tag/v3.2.0" } ], "source": { "advisory": "GHSA-q8q8-93cv-v6h8", "discovery": "UNKNOWN" }, "title": "lookup Function Information Discolosure in Helm", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-11013", "STATE": "PUBLIC", "TITLE": "lookup Function Information Discolosure in Helm" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Helm", "version": { "version_data": [ { "version_value": "\u003e= 3.1.0, \u003c 3.2.0" } ] } } ] }, "vendor_name": "helm" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Their is an information disclosure vulnerability in Helm from version 3.1.0 and before version 3.2.0. `lookup` is a Helm template function introduced in Helm v3. It is able to lookup resources in the cluster to check for the existence of specific resources and get details about them. This can be used as part of the process to render templates. The documented behavior of `helm template` states that it does not attach to a remote cluster. However, a the recently added `lookup` template function circumvents this restriction and connects to the cluster even during `helm template` and `helm install|update|delete|rollback --dry-run`. The user is not notified of this behavior. Running `helm template` should not make calls to a cluster. This is different from `install`, which is presumed to have access to a cluster in order to load resources into Kubernetes. Helm 2 is unaffected by this vulnerability. A malicious chart author could inject a `lookup` into a chart that, when rendered through `helm template`, performs unannounced lookups against the cluster a user\u0026#39;s `KUBECONFIG` file points to. This information can then be disclosed via the output of `helm template`. This issue has been fixed in Helm 3.2.0" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-q8q8-93cv-v6h8", "refsource": "CONFIRM", "url": "https://github.com/helm/helm/security/advisories/GHSA-q8q8-93cv-v6h8" }, { "name": "https://github.com/helm/helm/releases/tag/v3.2.0", "refsource": "MISC", "url": "https://github.com/helm/helm/releases/tag/v3.2.0" } ] }, "source": { "advisory": "GHSA-q8q8-93cv-v6h8", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-11013", "datePublished": "2020-04-24T20:05:15", "dateReserved": "2020-03-30T00:00:00", "dateUpdated": "2024-08-04T11:21:14.350Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1000008
Vulnerability from cvelistv5
Published
2019-02-04 21:00
Modified
2024-08-05 03:00
Severity ?
EPSS score ?
Summary
All versions of Helm between Helm >=2.0.0 and < 2.12.2 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The commands `helm fetch --untar` and `helm lint some.tgz` that can result when chart archive files are unpacked a file may be unpacked outside of the target directory. This attack appears to be exploitable via a victim must run a helm command on a specially crafted chart archive. This vulnerability appears to have been fixed in 2.12.2.
References
▼ | URL | Tags |
---|---|---|
https://helm.sh/blog/helm-security-notice-2019/index.html | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T03:00:19.248Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://helm.sh/blog/helm-security-notice-2019/index.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "dateAssigned": "2019-01-22T00:00:00", "datePublic": "2019-02-04T00:00:00", "descriptions": [ { "lang": "en", "value": "All versions of Helm between Helm \u003e=2.0.0 and \u003c 2.12.2 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in The commands `helm fetch --untar` and `helm lint some.tgz` that can result when chart archive files are unpacked a file may be unpacked outside of the target directory. This attack appears to be exploitable via a victim must run a helm command on a specially crafted chart archive. This vulnerability appears to have been fixed in 2.12.2." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-02-04T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://helm.sh/blog/helm-security-notice-2019/index.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2019-01-22T21:21:10.016652", "DATE_REQUESTED": "2019-01-14T20:30:06", "ID": "CVE-2019-1000008", "REQUESTER": "matt@mattfarina.com", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "All versions of Helm between Helm \u003e=2.0.0 and \u003c 2.12.2 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in The commands `helm fetch --untar` and `helm lint some.tgz` that can result when chart archive files are unpacked a file may be unpacked outside of the target directory. This attack appears to be exploitable via a victim must run a helm command on a specially crafted chart archive. This vulnerability appears to have been fixed in 2.12.2." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://helm.sh/blog/helm-security-notice-2019/index.html", "refsource": "MISC", "url": "https://helm.sh/blog/helm-security-notice-2019/index.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-1000008", "datePublished": "2019-02-04T21:00:00", "dateReserved": "2019-01-14T00:00:00", "dateUpdated": "2024-08-05T03:00:19.248Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-21303
Vulnerability from cvelistv5
Published
2021-02-05 21:40
Modified
2024-08-03 18:09
Severity ?
EPSS score ?
Summary
Injection attack in Helm
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx | x_refsource_CONFIRM | |
https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a | x_refsource_MISC | |
https://github.com/helm/helm/releases/tag/v3.5.2 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:09:15.134Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/releases/tag/v3.5.2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003e 3.0, \u003c 3.5.2" } ] } ], "descriptions": [ { "lang": "en", "value": "Helm is open-source software which is essentially \"The Kubernetes Package Manager\". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted sources was not properly sanitized. When a SemVer in the `version` field of a chart is invalid, in some cases Helm allows the string to be used \"as is\" without sanitizing. Helm fails to properly sanitized some fields present on Helm repository `index.yaml` files. Helm does not properly sanitized some fields in the `plugin.yaml` file for plugins In some cases, Helm does not properly sanitize the fields in the `Chart.yaml` file. By exploiting these attack vectors, core maintainers were able to send deceptive information to a terminal screen running the `helm` command, as well as obscure or alter information on the screen. In some cases, we could send codes that terminals used to execute higher-order logic, like clearing a terminal screen. Further, during evaluation, the Helm maintainers discovered a few other fields that were not properly sanitized when read out of repository index files. This fix remedies all such cases, and once again enforces SemVer2 policies on version fields. All users of the Helm 3 should upgrade to the fixed version 3.5.2 or later. Those who use Helm as a library should verify that they either sanitize this data on their own, or use the proper Helm API calls to sanitize the data." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-74", "description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-02-05T21:40:14", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/releases/tag/v3.5.2" } ], "source": { "advisory": "GHSA-c38g-469g-cmgx", "discovery": "UNKNOWN" }, "title": "Injection attack in Helm", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-21303", "STATE": "PUBLIC", "TITLE": "Injection attack in Helm" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "helm", "version": { "version_data": [ { "version_value": "\u003e 3.0, \u003c 3.5.2" } ] } } ] }, "vendor_name": "helm" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Helm is open-source software which is essentially \"The Kubernetes Package Manager\". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted sources was not properly sanitized. When a SemVer in the `version` field of a chart is invalid, in some cases Helm allows the string to be used \"as is\" without sanitizing. Helm fails to properly sanitized some fields present on Helm repository `index.yaml` files. Helm does not properly sanitized some fields in the `plugin.yaml` file for plugins In some cases, Helm does not properly sanitize the fields in the `Chart.yaml` file. By exploiting these attack vectors, core maintainers were able to send deceptive information to a terminal screen running the `helm` command, as well as obscure or alter information on the screen. In some cases, we could send codes that terminals used to execute higher-order logic, like clearing a terminal screen. Further, during evaluation, the Helm maintainers discovered a few other fields that were not properly sanitized when read out of repository index files. This fix remedies all such cases, and once again enforces SemVer2 policies on version fields. All users of the Helm 3 should upgrade to the fixed version 3.5.2 or later. Those who use Helm as a library should verify that they either sanitize this data on their own, or use the proper Helm API calls to sanitize the data." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx", "refsource": "CONFIRM", "url": "https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx" }, { "name": "https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a", "refsource": "MISC", "url": "https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a" }, { "name": "https://github.com/helm/helm/releases/tag/v3.5.2", "refsource": "MISC", "url": "https://github.com/helm/helm/releases/tag/v3.5.2" } ] }, "source": { "advisory": "GHSA-c38g-469g-cmgx", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-21303", "datePublished": "2021-02-05T21:40:14", "dateReserved": "2020-12-22T00:00:00", "dateUpdated": "2024-08-03T18:09:15.134Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-15187
Vulnerability from cvelistv5
Published
2020-09-17 21:50
Modified
2024-08-04 13:08
Severity ?
EPSS score ?
Summary
Duplicate plugin entries in Helm
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-c52f-pq47-2r9j | x_refsource_CONFIRM | |
https://github.com/helm/helm/commit/d9ef5ce8bad512e325390c0011be1244b8380e4b | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T13:08:22.691Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-c52f-pq47-2r9j" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/commit/d9ef5ce8bad512e325390c0011be1244b8380e4b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003e= 2.0.0, \u003c 2.16.11" }, { "status": "affected", "version": "\u003e= 3.0.0, \u003c 3.3.2" } ] } ], "descriptions": [ { "lang": "en", "value": "In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin\u0027s install hooks, causing a local execution attack. To perform this attack, an attacker must have write access to the git repository or plugin archive (.tgz) while being downloaded (which can occur during a MITM attack on a non-SSL connection). This issue has been patched in Helm 2.16.11 and Helm 3.3.2. As a possible workaround make sure to install plugins using a secure connection protocol like SSL." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-694", "description": "{\"CWE-694\":\"Use of Multiple Resources with Duplicate Identifier\"}", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-74", "description": "{\"CWE-74\":\"Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)\"}", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-09-17T21:50:12", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-c52f-pq47-2r9j" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/d9ef5ce8bad512e325390c0011be1244b8380e4b" } ], "source": { "advisory": "GHSA-c52f-pq47-2r9j", "discovery": "UNKNOWN" }, "title": "Duplicate plugin entries in Helm", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-15187", "STATE": "PUBLIC", "TITLE": "Duplicate plugin entries in Helm" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "helm", "version": { "version_data": [ { "version_value": "\u003e= 2.0.0, \u003c 2.16.11" }, { "version_value": "\u003e= 3.0.0, \u003c 3.3.2" } ] } } ] }, "vendor_name": "helm" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin\u0027s install hooks, causing a local execution attack. To perform this attack, an attacker must have write access to the git repository or plugin archive (.tgz) while being downloaded (which can occur during a MITM attack on a non-SSL connection). This issue has been patched in Helm 2.16.11 and Helm 3.3.2. As a possible workaround make sure to install plugins using a secure connection protocol like SSL." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "{\"CWE-694\":\"Use of Multiple Resources with Duplicate Identifier\"}" } ] }, { "description": [ { "lang": "eng", "value": "{\"CWE-74\":\"Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)\"}" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-c52f-pq47-2r9j", "refsource": "CONFIRM", "url": "https://github.com/helm/helm/security/advisories/GHSA-c52f-pq47-2r9j" }, { "name": "https://github.com/helm/helm/commit/d9ef5ce8bad512e325390c0011be1244b8380e4b", "refsource": "MISC", "url": "https://github.com/helm/helm/commit/d9ef5ce8bad512e325390c0011be1244b8380e4b" } ] }, "source": { "advisory": "GHSA-c52f-pq47-2r9j", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-15187", "datePublished": "2020-09-17T21:50:12", "dateReserved": "2020-06-25T00:00:00", "dateUpdated": "2024-08-04T13:08:22.691Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-23526
Vulnerability from cvelistv5
Published
2022-12-15 00:43
Modified
2024-08-03 03:43
Severity ?
EPSS score ?
Summary
Helm contains Denial of service through schema file
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-67fx-wx78-jx33 | x_refsource_CONFIRM | |
https://github.com/helm/helm/commit/bafafa8bb1b571b61d7a9528da8d40c307dade3d | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:43:46.526Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-67fx-wx78-jx33", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-67fx-wx78-jx33" }, { "name": "https://github.com/helm/helm/commit/bafafa8bb1b571b61d7a9528da8d40c307dade3d", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/commit/bafafa8bb1b571b61d7a9528da8d40c307dade3d" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003c v3.10.3" } ] } ], "descriptions": [ { "lang": "en", "value": "Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the_chartutil_ package that can cause a segmentation violation. The _chartutil_ package contains a parser that loads a JSON Schema validation file. For example, the Helm client when rendering a chart will validate its values with the schema file. The _chartutil_ package parses the schema file and loads it into structures Go can work with. Some schema files can cause array data structures to be created causing a memory violation. Applications that use the _chartutil_ package in the Helm SDK to parse a schema file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate schema files that are correctly formatted before passing them to the _chartutil_ functions." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476: NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-15T00:43:40.383Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-67fx-wx78-jx33", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-67fx-wx78-jx33" }, { "name": "https://github.com/helm/helm/commit/bafafa8bb1b571b61d7a9528da8d40c307dade3d", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/bafafa8bb1b571b61d7a9528da8d40c307dade3d" } ], "source": { "advisory": "GHSA-67fx-wx78-jx33", "discovery": "UNKNOWN" }, "title": "Helm contains Denial of service through schema file" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-23526", "datePublished": "2022-12-15T00:43:40.383Z", "dateReserved": "2022-01-19T21:23:53.784Z", "dateUpdated": "2024-08-03T03:43:46.526Z", "requesterUserId": "c184a3d9-dc98-4c48-a45b-d2d88cf0ac74", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-15184
Vulnerability from cvelistv5
Published
2020-09-17 20:40
Modified
2024-08-04 13:08
Severity ?
EPSS score ?
Summary
Aliases are never checked in Helm
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-9vp5-m38w-j776 | x_refsource_CONFIRM | |
https://github.com/helm/helm/commit/e7c281564d8306e1dcf8023d97f972449ad74850 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T13:08:22.470Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-9vp5-m38w-j776" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/commit/e7c281564d8306e1dcf8023d97f972449ad74850" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003e= 2.0.0, \u003c 2.16.11" }, { "status": "affected", "version": "\u003e= 3.0.0, \u003c 3.3.2" } ] } ], "descriptions": [ { "lang": "en", "value": "In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the `alias` field on a `Chart.yaml` is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review the `dependencies` field of any untrusted chart, verifying that the `alias` field is either not used, or (if used) does not contain newlines or path characters." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "{\"CWE-20\":\"Improper Input Validation\"}", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-09-17T20:40:12", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-9vp5-m38w-j776" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/e7c281564d8306e1dcf8023d97f972449ad74850" } ], "source": { "advisory": "GHSA-9vp5-m38w-j776", "discovery": "UNKNOWN" }, "title": "Aliases are never checked in Helm", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-15184", "STATE": "PUBLIC", "TITLE": "Aliases are never checked in Helm" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "helm", "version": { "version_data": [ { "version_value": "\u003e= 2.0.0, \u003c 2.16.11" }, { "version_value": "\u003e= 3.0.0, \u003c 3.3.2" } ] } } ] }, "vendor_name": "helm" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the `alias` field on a `Chart.yaml` is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review the `dependencies` field of any untrusted chart, verifying that the `alias` field is either not used, or (if used) does not contain newlines or path characters." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "{\"CWE-20\":\"Improper Input Validation\"}" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-9vp5-m38w-j776", "refsource": "CONFIRM", "url": "https://github.com/helm/helm/security/advisories/GHSA-9vp5-m38w-j776" }, { "name": "https://github.com/helm/helm/commit/e7c281564d8306e1dcf8023d97f972449ad74850", "refsource": "MISC", "url": "https://github.com/helm/helm/commit/e7c281564d8306e1dcf8023d97f972449ad74850" } ] }, "source": { "advisory": "GHSA-9vp5-m38w-j776", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-15184", "datePublished": "2020-09-17T20:40:12", "dateReserved": "2020-06-25T00:00:00", "dateUpdated": "2024-08-04T13:08:22.470Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-23524
Vulnerability from cvelistv5
Published
2022-12-15 00:28
Modified
2024-08-03 03:43
Severity ?
EPSS score ?
Summary
Helm vulnerable to Denial of service through string value parsing
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-6rx9-889q-vv2r | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:43:46.450Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-6rx9-889q-vv2r", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-6rx9-889q-vv2r" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003c v3.10.3" } ] } ], "descriptions": [ { "lang": "en", "value": "Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to Uncontrolled Resource Consumption, resulting in Denial of Service. Input to functions in the _strvals_ package can cause a stack overflow. In Go, a stack overflow cannot be recovered from. Applications that use functions from the _strvals_ package in the Helm SDK can have a Denial of Service attack when they use this package and it panics. This issue has been patched in 3.10.3. SDK users can validate strings supplied by users won\u0027t create large arrays causing significant memory usage before passing them to the _strvals_ functions." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-15T00:28:34.540Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-6rx9-889q-vv2r", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-6rx9-889q-vv2r" } ], "source": { "advisory": "GHSA-6rx9-889q-vv2r", "discovery": "UNKNOWN" }, "title": "Helm vulnerable to Denial of service through string value parsing" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-23524", "datePublished": "2022-12-15T00:28:34.540Z", "dateReserved": "2022-01-19T21:23:53.783Z", "dateUpdated": "2024-08-03T03:43:46.450Z", "requesterUserId": "c184a3d9-dc98-4c48-a45b-d2d88cf0ac74", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-36055
Vulnerability from cvelistv5
Published
2022-09-01 12:15
Modified
2024-08-03 09:52
Severity ?
EPSS score ?
Summary
Denial of service in Helm
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-7hfp-qfw3-5jxh | x_refsource_CONFIRM | |
https://github.com/helm/helm/releases/tag/v3.9.4 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:52:00.289Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-7hfp-qfw3-5jxh" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/releases/tag/v3.9.4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003c 3.9.4" } ] } ], "descriptions": [ { "lang": "en", "value": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. Fuzz testing, provided by the CNCF, identified input to functions in the _strvals_ package that can cause an out of memory panic. The _strvals_ package contains a parser that turns strings in to Go structures. The _strvals_ package converts these strings into structures Go can work with. Some string inputs can cause array data structures to be created causing an out of memory panic. Applications that use the _strvals_ package in the Helm SDK to parse user supplied input can suffer a Denial of Service when that input causes a panic that cannot be recovered from. The Helm Client will panic with input to `--set`, `--set-string`, and other value setting flags that causes an out of memory panic. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been resolved in 3.9.4. SDK users can validate strings supplied by users won\u0027t create large arrays causing significant memory usage before passing them to the _strvals_ functions." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-09-01T12:15:13", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-7hfp-qfw3-5jxh" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/releases/tag/v3.9.4" } ], "source": { "advisory": "GHSA-7hfp-qfw3-5jxh", "discovery": "UNKNOWN" }, "title": "Denial of service in Helm", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-36055", "STATE": "PUBLIC", "TITLE": "Denial of service in Helm" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "helm", "version": { "version_data": [ { "version_value": "\u003c 3.9.4" } ] } } ] }, "vendor_name": "helm" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. Fuzz testing, provided by the CNCF, identified input to functions in the _strvals_ package that can cause an out of memory panic. The _strvals_ package contains a parser that turns strings in to Go structures. The _strvals_ package converts these strings into structures Go can work with. Some string inputs can cause array data structures to be created causing an out of memory panic. Applications that use the _strvals_ package in the Helm SDK to parse user supplied input can suffer a Denial of Service when that input causes a panic that cannot be recovered from. The Helm Client will panic with input to `--set`, `--set-string`, and other value setting flags that causes an out of memory panic. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been resolved in 3.9.4. SDK users can validate strings supplied by users won\u0027t create large arrays causing significant memory usage before passing them to the _strvals_ functions." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-400: Uncontrolled Resource Consumption" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-7hfp-qfw3-5jxh", "refsource": "CONFIRM", "url": "https://github.com/helm/helm/security/advisories/GHSA-7hfp-qfw3-5jxh" }, { "name": "https://github.com/helm/helm/releases/tag/v3.9.4", "refsource": "MISC", "url": "https://github.com/helm/helm/releases/tag/v3.9.4" } ] }, "source": { "advisory": "GHSA-7hfp-qfw3-5jxh", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-36055", "datePublished": "2022-09-01T12:15:13", "dateReserved": "2022-07-15T00:00:00", "dateUpdated": "2024-08-03T09:52:00.289Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-36049
Vulnerability from cvelistv5
Published
2022-09-07 20:15
Modified
2024-08-03 09:52
Severity ?
EPSS score ?
Summary
Flux2 Helm Controller denial of service
References
▼ | URL | Tags |
---|---|---|
https://github.com/fluxcd/flux2/security/advisories/GHSA-p2g7-xwvr-rrw3 | x_refsource_CONFIRM | |
https://github.com/helm/helm/security/advisories/GHSA-7hfp-qfw3-5jxh | x_refsource_MISC | |
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44996 | x_refsource_MISC | |
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48360 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:52:00.382Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/fluxcd/flux2/security/advisories/GHSA-p2g7-xwvr-rrw3" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-7hfp-qfw3-5jxh" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44996" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48360" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "flux2", "vendor": "fluxcd", "versions": [ { "status": "affected", "version": "\u003e= 0.0.4, \u003c 0.23.0" }, { "status": "affected", "version": "\u003e= 0.0.17, \u003c 0.32.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux\u0027s helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. Helm controller is tightly integrated with the Helm SDK. A vulnerability found in the Helm SDK that affects flux2 v0.0.17 until v0.32.0 and helm-controller v0.0.4 until v0.23.0 allows for specific data inputs to cause high memory consumption. In some platforms, this could cause the controller to panic and stop processing reconciliations. In a shared cluster multi-tenancy environment, a tenant could create a HelmRelease that makes the controller panic, denying all other tenants from their Helm releases being reconciled. Patches are available in flux2 v0.32.0 and helm-controller v0.23.0." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-09-07T20:15:13", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/fluxcd/flux2/security/advisories/GHSA-p2g7-xwvr-rrw3" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-7hfp-qfw3-5jxh" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44996" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48360" } ], "source": { "advisory": "GHSA-p2g7-xwvr-rrw3", "discovery": "UNKNOWN" }, "title": "Flux2 Helm Controller denial of service", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-36049", "STATE": "PUBLIC", "TITLE": "Flux2 Helm Controller denial of service" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "flux2", "version": { "version_data": [ { "version_value": "\u003e= 0.0.4, \u003c 0.23.0" }, { "version_value": "\u003e= 0.0.17, \u003c 0.32.0" } ] } } ] }, "vendor_name": "fluxcd" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux\u0027s helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. Helm controller is tightly integrated with the Helm SDK. A vulnerability found in the Helm SDK that affects flux2 v0.0.17 until v0.32.0 and helm-controller v0.0.4 until v0.23.0 allows for specific data inputs to cause high memory consumption. In some platforms, this could cause the controller to panic and stop processing reconciliations. In a shared cluster multi-tenancy environment, a tenant could create a HelmRelease that makes the controller panic, denying all other tenants from their Helm releases being reconciled. Patches are available in flux2 v0.32.0 and helm-controller v0.23.0." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-400: Uncontrolled Resource Consumption" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/fluxcd/flux2/security/advisories/GHSA-p2g7-xwvr-rrw3", "refsource": "CONFIRM", "url": "https://github.com/fluxcd/flux2/security/advisories/GHSA-p2g7-xwvr-rrw3" }, { "name": "https://github.com/helm/helm/security/advisories/GHSA-7hfp-qfw3-5jxh", "refsource": "MISC", "url": "https://github.com/helm/helm/security/advisories/GHSA-7hfp-qfw3-5jxh" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44996", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44996" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48360", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48360" } ] }, "source": { "advisory": "GHSA-p2g7-xwvr-rrw3", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-36049", "datePublished": "2022-09-07T20:15:13", "dateReserved": "2022-07-15T00:00:00", "dateUpdated": "2024-08-03T09:52:00.382Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-4053
Vulnerability from cvelistv5
Published
2020-06-16 22:00
Modified
2024-08-04 07:52
Severity ?
EPSS score ?
Summary
Path Traversal in Helm Plugin Archive
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-qq3j-xp49-j73f | x_refsource_CONFIRM | |
https://github.com/helm/helm/commit/0ad800ef43d3b826f31a5ad8dfbb4fe05d143688 | x_refsource_MISC | |
https://github.com/helm/helm/releases/tag/v3.2.4 | x_refsource_MISC |
Impacted products
▼ | Vendor | Product |
---|---|---|
The Helm Project | Helm |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T07:52:20.934Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-qq3j-xp49-j73f" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/commit/0ad800ef43d3b826f31a5ad8dfbb4fe05d143688" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/releases/tag/v3.2.4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Helm", "vendor": "The Helm Project", "versions": [ { "status": "affected", "version": "\u003e= 3.0.0, \u003c 3.2.4" } ] } ], "descriptions": [ { "lang": "en", "value": "In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author to inject a relative path into a plugin archive, and copy a file outside of the intended directory. This has been fixed in 3.2.4." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-06-16T22:00:19", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-qq3j-xp49-j73f" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/0ad800ef43d3b826f31a5ad8dfbb4fe05d143688" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/releases/tag/v3.2.4" } ], "source": { "advisory": "GHSA-qq3j-xp49-j73f", "discovery": "UNKNOWN" }, "title": "Path Traversal in Helm Plugin Archive", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-4053", "STATE": "PUBLIC", "TITLE": "Path Traversal in Helm Plugin Archive" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Helm", "version": { "version_data": [ { "version_value": "\u003e= 3.0.0, \u003c 3.2.4" } ] } } ] }, "vendor_name": "The Helm Project" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author to inject a relative path into a plugin archive, and copy a file outside of the intended directory. This has been fixed in 3.2.4." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-qq3j-xp49-j73f", "refsource": "CONFIRM", "url": "https://github.com/helm/helm/security/advisories/GHSA-qq3j-xp49-j73f" }, { "name": "https://github.com/helm/helm/commit/0ad800ef43d3b826f31a5ad8dfbb4fe05d143688", "refsource": "MISC", "url": "https://github.com/helm/helm/commit/0ad800ef43d3b826f31a5ad8dfbb4fe05d143688" }, { "name": "https://github.com/helm/helm/releases/tag/v3.2.4", "refsource": "MISC", "url": "https://github.com/helm/helm/releases/tag/v3.2.4" } ] }, "source": { "advisory": "GHSA-qq3j-xp49-j73f", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-4053", "datePublished": "2020-06-16T22:00:19", "dateReserved": "2019-12-30T00:00:00", "dateUpdated": "2024-08-04T07:52:20.934Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-26147
Vulnerability from cvelistv5
Published
2024-02-21 22:21
Modified
2024-08-14 19:55
Severity ?
EPSS score ?
Summary
Helm's Missing YAML Content Leads To Panic
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6 | x_refsource_CONFIRM | |
https://github.com/helm/helm/commit/bb4cc9125503a923afb7988f3eb478722a8580af | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T23:59:32.585Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6" }, { "name": "https://github.com/helm/helm/commit/bb4cc9125503a923afb7988f3eb478722a8580af", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/commit/bb4cc9125503a923afb7988f3eb478722a8580af" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "helm", "vendor": "helm", "versions": [ { "lessThan": "3.14.2", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-26147", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-14T19:54:40.217354Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-14T19:55:28.698Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003c 3.14.2" } ] } ], "descriptions": [ { "lang": "en", "value": "Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an `index.yaml` file or a plugins `plugin.yaml` file were missing all metadata a panic would occur in Helm. In the Helm SDK, this is found when using the `LoadIndexFile` or `DownloadIndexFile` functions in the `repo` package or the `LoadDir` function in the `plugin` package. For the Helm client this impacts functions around adding a repository and all Helm functions if a malicious plugin is added as Helm inspects all known plugins on each invocation. This issue has been resolved in Helm v3.14.2. If a malicious plugin has been added which is causing all Helm client commands to panic, the malicious plugin can be manually removed from the filesystem. If using Helm SDK versions prior to 3.14.2, calls to affected functions can use `recover` to catch the panic." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-457", "description": "CWE-457: Use of Uninitialized Variable", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-21T22:21:42.658Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6" }, { "name": "https://github.com/helm/helm/commit/bb4cc9125503a923afb7988f3eb478722a8580af", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/bb4cc9125503a923afb7988f3eb478722a8580af" } ], "source": { "advisory": "GHSA-r53h-jv2g-vpx6", "discovery": "UNKNOWN" }, "title": "Helm\u0027s Missing YAML Content Leads To Panic" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-26147", "datePublished": "2024-02-21T22:21:42.658Z", "dateReserved": "2024-02-14T17:40:03.689Z", "dateUpdated": "2024-08-14T19:55:28.698Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-25620
Vulnerability from cvelistv5
Published
2024-02-14 23:24
Modified
2024-08-26 14:49
Severity ?
EPSS score ?
Summary
Dependency management path traversal in helm
References
▼ | URL | Tags |
---|---|---|
https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r | x_refsource_CONFIRM | |
https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T23:44:09.801Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r" }, { "name": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "helm", "vendor": "helm", "versions": [ { "lessThan": "3.14.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-25620", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-15T19:45:34.439610Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-26T14:49:43.726Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "helm", "vendor": "helm", "versions": [ { "status": "affected", "version": "\u003c 3.14.1" } ] } ], "descriptions": [ { "lang": "en", "value": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-14T23:24:57.651Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r" }, { "name": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503" } ], "source": { "advisory": "GHSA-v53g-5gjp-272r", "discovery": "UNKNOWN" }, "title": "Dependency management path traversal in helm" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-25620", "datePublished": "2024-02-14T23:24:57.651Z", "dateReserved": "2024-02-08T22:26:33.511Z", "dateUpdated": "2024-08-26T14:49:43.726Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }