Lucene search
Veracode Vulnerability DatabaseVERACODE:21947HistoryNov 13, 2019 - 4:24 a.m.
Symlink Attack
2019-11-1304:24:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
EPSS
0.002
Percentile
60.7%
github.com/helm/helm is vulnerable to symlink attack. During loading or packaging of a chart as a directory, a malicious chart containing symlinks could be used to obtain system files such as /etc/passwd. The vulnerability can also be used to cause a denial of service condition when special files such as /dec/urandom are referenced via the symlinks.
Related
osv
osv
Helm Unsafe Link Following
2022-05-24 22:01:14
Helm Unsafe Link Following in helm.sh/helm
2024-08-20 20:31:38
CVE-2019-18658
2019-11-12 14:15:11
cvelist
cvelist
CVE-2019-18658
2019-11-12 13:20:13
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:1888-1)
2022-06-01 00:00:00
openSUSE: Security Advisory for helm-mirror (SUSE-SU-2022:1888-1)
2022-06-01 00:00:00
nessus
nessus
SUSE SLES15 Security Update : helm-mirror (SUSE-SU-2022:1888-1)
2022-06-01 00:00:00
suse
suse
Security update for helm-mirror (moderate)
2022-05-31 00:00:00
github
github
Helm Unsafe Link Following
2022-05-24 22:01:14
prion
prion
Design/Logic Flaw
2019-11-12 14:15:00
cve
cve
CVE-2019-18658
2019-11-12 14:15:11
nvd
nvd
CVE-2019-18658
2019-11-12 14:15:11