CVE-2020-4053 — Path Traversal in Helm V3

CWE-22 — Path Traversal6 documents6 sources

Severity

6.8MEDIUMNVD

CNA3.7

EPSS

0.4%

top 38.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Helm.sh Helm V3 Helm THE Helm Project Helm

Timeline

PublishedJun 16

Latest updateJun 23

Description

In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author to inject a relative path into a plugin archive, and copy a file outside of the intended directory. This has been fixed in 3.2.4.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages3 packages

▶NVDhelm/helm3.0.0 — 3.2.4

▶Gohelm.sh/helm_v33.0.0 — 3.2.4

▶CVEListV5the_helm_project/helm>= 3.0.0, < 3.2.4

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

Plugin archive directory traversal in Helm↗2021-06-23

▶

GHSA

Plugin archive directory traversal in Helm↗2021-06-23

▶

CVEList

Path Traversal in Helm Plugin Archive↗2020-06-16

▶

📋Vendor Advisories

Red Hat

helm: allows path traversal when installing plugins from a tar archive over HTTP↗2020-06-16

▶

💬Community

Bugzilla

CVE-2020-4053 helm: allows path traversal when installing plugins from a tar archive over HTTP↗2020-06-18

▶