CVE-2020-15187 — Injection in Helm

CWE-74 — Injection CWE-694 — Use of Multiple Resources with Duplicate Identifier6 documents6 sources

Severity

4.7MEDIUMNVD

CNA3.0

EPSS

0.2%

top 63.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Helm.sh Helm Helm.sh Helm V3 Helm

Timeline

PublishedSep 17

Latest updateMay 24

Description

In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform this attack, an attacker must have write access to the git repository or plugin archive (.tgz) while being downloaded (which can occur during a MITM attack on a non-SSL connection). This issue has been patc…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:LExploitability: 1.2 | Impact: 3.4

Affected Packages4 packages

▶NVDhelm/helm2.0.0 — 2.16.11+1

▶Gohelm.sh/helm2.0.0 — 2.16.11

▶Gohelm.sh/helm_v33.0.0 — 3.3.2

▶CVEListV5helm/helm>= 2.0.0, < 2.16.11, >= 3.0.0, < 3.3.2+1

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

plugin.yaml file allows for duplicate entries in helm↗2021-05-24

▶

GHSA

plugin.yaml file allows for duplicate entries in helm↗2021-05-24

▶

CVEList

Duplicate plugin entries in Helm↗2020-09-17

▶

📋Vendor Advisories

Red Hat

helm: write access to the git repository or plugin archive causing causing a local execution attack↗2020-09-18

▶

💬Community

Bugzilla

CVE-2020-15187 helm: write access to the git repository or plugin archive causing causing a local execution attack↗2020-09-24

▶