github.com/helm/helm is vulnerable to directory traversal. A zip-slip vulnerability when installing Helm plugins from a tar archive over HTTP allows an attacker to overwrite arbitrary files which could potentially result in arbitrary code execution when system files are overwritten.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/helm/helm | le | 3.2.3 |