Helm.Sh Helm vulnerabilities

CVE-2019-18658 [CRITICAL] CWE-59 Helm Unsafe Link Following Helm Unsafe Link Following In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as `/etc/passwd`, or to execute a denial of service (DoS) via a special file such as /dev/urandom, via symlinks. No version of Tiller is known to be impacted. This is a client-only issue.

CVE-2019-1010275 [CRITICAL] CWE-295 Helm Improper Certificate Validation Helm Improper Certificate Validation helm Before 2.7.2 is affected by: CWE-295: Improper Certificate Validation. The impact is: Unauthorized clients could connect to the server because self-signed client certs were aloowed. The component is: helm (many files updated, see https://github.com/helm/helm/pull/3152/files/1096813bf9a425e2aa4ac755b6c991b626dfab50). The attack vector is: A malicious client could connect to the serv

CVE-2019-1000008 [MEDIUM] CWE-22 Helm Path Traversal Helm Path Traversal All versions of Helm between Helm >=2.0.0 and < 2.12.2 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The commands `helm fetch --untar` and `helm lint some.tgz` that can result when chart archive files are unpacked a file may be unpacked outside of the target directory. This attack appears to be exploitable via a victim must run a helm command on a special

CVE-2020-15187 [LOW] CWE-694 plugin.yaml file allows for duplicate entries in helm plugin.yaml file allows for duplicate entries in helm ### Impact During a security audit of Helm's code base, Helm maintainers identified a bug in which a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform this attac

CVE-2020-15185 [LOW] CWE-20 Repository index file allows for duplicates of the same chart entry in helm Repository index file allows for duplicates of the same chart entry in helm ### Impact During a security audit of Helm's code base, security researchers at Trail of Bits identified a bug in which the a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad

CVE-2020-15186 [LOW] CWE-20 Improper Sanitizing of plugin names in helm Improper Sanitizing of plugin names in helm ### Impact Security researchers at Trail of Bits discovered that plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to `helm --help`. ### Specific Go Packages Affected helm.sh/helm/v3/pkg/plugin ### Pa

CVE-2020-15184 [LOW] CWE-20 Aliases are never checked in helm Aliases are never checked in helm ### Impact During a security audit of Helm's code base, security researchers at Trail of Bits identified a bug in which the `alias` field on a `Chart.yaml` is not properly sanitized. This could lead to the injection of unwanted information into a chart. ### Patches This issue has been patched in Helm 3.3.2 and 2.16.11 ### Specific Go Packages Affected helm.sh/helm/v3/pkg/chartutil ### Workaround