Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2020-15186

๐Ÿ—“๏ธย 17 Sep 2020ย 22:12:15Reported byย GitHub_MTypeย 
cve
ย cve๐Ÿ”—ย web.nvd.nist.gov๐Ÿ‘ย 73ย Views

Helm versions 2.16.11 and 3.3.2 suffer from improper sanitization of plugin names, allowing for unexpected behavior

Show more

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
OSV		CVE-2020-15186
17 Sep 202022:15
โ€“osv
OSV		GHSA-M54R-VRMV-HW33 Improper Sanitizing of plugin names in helm
24 May 202116:57
โ€“osv
OSV		BIT-HELM-2020-15186 Improper sanitization of plugin names in Helm
6 Mar 202410:54
โ€“osv
OSV		SUSE-SU-2020:3760-1 Security changes in Kubernetes, etcd, and helm; Bugfix in cri-o package
23 Dec 202008:18
โ€“osv
Veracode		Command Injection
18 Sep 202002:29
โ€“veracode
GitLab Advisory Database		Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
24 May 202100:00
โ€“gitlab
GitLab Advisory Database		Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
24 May 202100:00
โ€“gitlab
GitLab Advisory Database		Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
24 May 202100:00
โ€“gitlab
Github Security Blog		Improper Sanitizing of plugin names in helm
24 May 202116:57
โ€“github
Cvelist		CVE-2020-15186 Improper sanitization of plugin names in Helm
17 Sep 202021:40
โ€“cvelist
Rows per page
Nvd
Vulners
Node
helmhelmRange2.0.0โ€“2.16.11
OR
helmhelmRange3.0.0โ€“3.3.2
[
  {
    "product": "helm",
    "vendor": "helm",
    "versions": [
      {
        "status": "affected",
        "version": ">= 2.0.0, < 2.16.11"
      },
      {
        "status": "affected",
        "version": ">= 3.0.0, < 3.3.2"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
17 Sep 2020 22:15Current
3.8Low risk
Vulners AI Score3.8
CVSS24
CVSS32.7 - 3.4
EPSS0.0042
CWE-20CWE-74
cve-2020-15186helmpluginsanitizationsecurityvulnerabilitynvd
73
.json
Report