22 matches found
Arbitrary File Write via Archive Extraction (Zip Slip)
Overview helm.sh/helm/v3/pkg/plugin/installer is a Kubernetes Package Manager. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip. When installing Helm plugins from a tar archive over HTTP, it is possible for a malicious plugin author to injec...
Arbitrary File Write via Archive Extraction (Zip Slip)
Overview github.com/helm/helm/pkg/plugin/installer is a Kubernetes Package Manager. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip. When installing Helm plugins from a tar archive over HTTP, it is possible for a malicious plugin author to...