CVE-2022-23525

🗓️ 15 Dec 2022 19:17:15Reported by GitHub_MType

Helm prior to 3.10.3 allows NULL Pointer Dereference in _repo_package, leading to DoS

Reporter	Title	Published	Views	Family All 26
OSV	BIT-helm-2022-23525	6 Mar 202410:53	–	osv
OSV	Helm vulnerable to denial of service through through repository index file	14 Dec 202221:38	–	osv
OSV	CGA-JC6W-P5H2-JXWW	6 Jun 202412:26	–	osv
OSV	CVE-2022-23525	15 Dec 202219:15	–	osv
OSV	CGA-P2XQ-HJXV-P7QQ	6 Jun 202412:28	–	osv
OSV	Denial of service via repository index file in helm.sh/helm/v3	22 Dec 202223:11	–	osv
OSV	OPENSUSE-SU-2024:12603-1 cmctl-1.10.2-1.1 on GA media	15 Jun 202400:00	–	osv
OSV	OPENSUSE-SU-2024:12572-1 helm-3.10.3-2.1 on GA media	15 Jun 202400:00	–	osv
Cvelist	CVE-2022-23525 Helm vulnerable to Denial of service via NULL Pointer Dereference	15 Dec 202200:38	–	cvelist
Tenable Nessus	CBL Mariner 2.0 Security Update: helm (CVE-2022-23525)	20 Mar 202300:00	–	nessus

Nvd

Vulners

Node

helm helmRange3.0.0–3.10.3

[
  {
    "vendor": "helm",
    "product": "helm",
    "versions": [
      {
        "version": "< v3.10.3",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/helm/helm/commit/638ebffbc2e445156f3978f02fd83d9af1e56f5b
github	www.github.com/helm/helm/security/advisories/GHSA-53c4-hhmh-vw5q

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

15 Dec 2022 19:15Current

6.2Medium risk

Vulners AI Score6.2

CVSS35.3 - 7.5

EPSS0.00091

CWE-476