Lucene search
K

7 matches found

Snyk
Snyk
added 2026/04/09 9:2 p.m.3 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the helm pull --untar chart URL | repo/chartname command. An attacker can cause files to be written to unintended directories, potentially overwriting existing files or placing malicious files in accessible...

4.8CVSS6.3AI score0.00199EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/09 9:2 p.m.2 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the helm pull --untar chart URL | repo/chartname command. An attacker can cause files to be written to unintended directories, potentially overwriting existing files or placing malicious files in accessible...

4.8CVSS6.3AI score0.00199EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/09 9:2 p.m.3 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the helm pull --untar chart URL | repo/chartname command. An attacker can cause files to be written to unintended directories, potentially overwriting existing files or placing malicious files in accessible...

4.8CVSS6.3AI score0.00199EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/09 9:2 p.m.8 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the helm pull --untar chart URL | repo/chartname command. An attacker can cause files to be written to unintended directories, potentially overwriting existing files or placing malicious files in accessible...

4.8CVSS6.3AI score0.00199EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/09 9:2 p.m.3 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the helm pull --untar chart URL | repo/chartname command. An attacker can cause files to be written to unintended directories, potentially overwriting existing files or placing malicious files in accessible...

4.8CVSS6.3AI score0.00199EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.10 views

Helm 路径遍历漏洞

Helm is a Kubernetes package manager offered by the CNCF Foundation. Versions of Helm prior to 3.20.1 and 4.1.3 had a path traversal vulnerability. This vulnerability stemmed from specially crafted Charts, which could cause the helm pull --untar command to write Chart contents to an output...

4.8CVSS5.8AI score0.00199EPSS
Exploits0References3
OSV
OSV
added 2021/05/24 4:57 p.m.25 views

GHSA-JM56-5H66-W453 Repository index file allows for duplicates of the same chart entry in helm

Impact During a security audit of Helm's code base, security researchers at Trail of Bits identified a bug in which the a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs...

2.2CVSS4AI score0.00883EPSS
Exploits0References4
Rows per page
Query Builder