Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:3 a.m.3 views

SUSE CVE-2020-4053

In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author to inject a relative path into a plugin archive, and copy a file outside of the intended director...

8.5CVSS6.8AI score0.01458EPSS
Exploits0References3
ALT Linux
ALT Linux
added 2020/11/23 12:0 a.m.57 views

Security fix for the ALT Linux 10 package helm version 3.4.1-alt1

Nov. 23, 2020 Aleksei Nikiforov 3.4.1-alt1 - Updated to upstream version 3.4.1 Fixes: CVE-2020-4053, CVE-2020-11013, CVE-2020-15184, CVE-2020-15185, CVE-2020-15186, CVE-2020-15187...

8.5CVSS5.3AI score0.01517EPSS
Exploits1
CVE
CVE
added 2020/06/16 10:0 p.m.85 views

CVE-2020-4053

CVE-2020-4053 affects Helm 3.0.0–3.2.3, enabling path traversal when installing plugins from tar archives delivered over HTTP. A malicious plugin author could inject relative paths in the archive to copy files outside the intended directory. The issue has been fixed in Helm 3.2.4. Affected compon...

8.5CVSS5.2AI score0.01458EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/06/16 10:0 p.m.23 views

CVE-2020-4053 Path Traversal in Helm Plugin Archive

In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author to inject a relative path into a plugin archive, and copy a file outside of the intended director...

3.7CVSS6.5AI score0.01458EPSS
Exploits0References3
Rows per page
Query Builder