Lucene search
K

7 matches found

OSV
OSV
added 2024/03/06 10:55 a.m.27 views

BIT-HELM-2020-15184 Aliases are never checked in Helm

In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the alias field on a Chart.yaml is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review th...

4CVSS4AI score0.01029EPSS
Exploits0References3
OSV
OSV
added 2021/05/24 4:56 p.m.25 views

GHSA-9VP5-M38W-J776 Aliases are never checked in helm

Impact During a security audit of Helm's code base, security researchers at Trail of Bits identified a bug in which the alias field on a Chart.yaml is not properly sanitized. This could lead to the injection of unwanted information into a chart. Patches This issue has been patched in Helm 3.3.2 a...

3.7CVSS4.3AI score0.01029EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2021/05/24 4:56 p.m.63 views

Aliases are never checked in helm

Impact During a security audit of Helm's code base, security researchers at Trail of Bits identified a bug in which the alias field on a Chart.yaml is not properly sanitized. This could lead to the injection of unwanted information into a chart. Patches This issue has been patched in Helm 3.3.2 a...

4CVSS5.4AI score0.01029EPSS
Exploits0References5Affected Software2
GitLab Advisory Database
GitLab Advisory Database
added 2021/05/24 12:0 a.m.25 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the alias field on a Chart.yaml is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review th...

4CVSS2.4AI score0.01029EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/05/24 12:0 a.m.32 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the alias field on a Chart.yaml is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review th...

4CVSS2.4AI score0.01029EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2020/09/17 9:15 p.m.22 views

CVE-2020-15184

In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the alias field on a Chart.yaml is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review th...

4CVSS0.01029EPSS
Exploits0References2
OSV
OSV
added 2020/09/17 9:15 p.m.23 views

CVE-2020-15184

In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the alias field on a Chart.yaml is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review th...

2.7CVSS6.6AI score
Exploits0References2
Rows per page
Query Builder