Lucene search

CVE-2023-25165

🗓️ 08 Feb 2023 20:24:15Reported by GitHub_MType

Helm v3 `getHostByName` function allows disclosure of information via DNS looku

Reporter	Title	Published	Views	Family All 39
AlpineLinux	CVE-2023-25165	8 Feb 202320:15	–	alpinelinux
RedhatCVE	CVE-2023-25165	9 Feb 202304:56	–	redhatcve
Veracode	Information Disclosure	12 Feb 202314:31	–	veracode
GitLab Advisory Database	Exposure of Sensitive Information to an Unauthorized Actor	8 Feb 202300:00	–	gitlab
OSV	BIT-helm-2023-25165	6 Mar 202410:53	–	osv
OSV	OPENSUSE-SU-2024:12695-1 cilium-cli-0.12.13-1.1 on GA media	15 Jun 202400:00	–	osv
OSV	CGA-GPJ7-899C-2322	6 Jun 202412:27	–	osv
OSV	Information disclosure in helm.sh/helm/v3	14 Feb 202315:53	–	osv
OSV	CGA-437H-JM9G-RH24	6 Jun 202412:06	–	osv
OSV	OPENSUSE-SU-2024:12682-1 k9s-0.27.3-1.1 on GA media	15 Jun 202400:00	–	osv

Nvd

Vulners

Node

helm helmRange3.0.0–3.11.1

[
  {
    "vendor": "helm",
    "product": "helm",
    "versions": [
      {
        "version": ">= 3.0.0, < 3.11.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/helm/helm/commit/5abcf74227bfe8e5a3dbf105fe62e7b12deb58d2
github	www.github.com/helm/helm/security/advisories/GHSA-pwcw-6f5g-gxf8

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Feb 2023 20:15Current

4.6Medium risk

Vulners AI Score4.6

CVSS34.3

EPSS0.00058

SSVC

CWE-200