Known Vulnerabilities for products from Helm
Listed below are 15 of the newest known vulnerabilities associated with the vendor "Helm".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-26056 | Not Provided | 2026-02-12 | 2026-02-12 | |
| CVE-2026-26055 | Not Provided | 2026-02-12 | 2026-02-12 | |
| CVE-2022-23526 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-12-15 | 2022-12-20 |
| CVE-2022-23525 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-12-15 | 2022-12-20 |
| CVE-2022-23524 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-12-15 | 2023-06-27 |
| CVE-2021-32690 | Helm is a tool for managing Charts (packages of pre-configured Kubernetes resources). In versions of helm prior to 3.6.1, a v... | 8.6 - HIGH | 2021-06-16 | 2022-10-25 |
| CVE-2021-21303 | Helm is open-source software which is essentially "The Kubernetes Package Manager". Helm is a tool for managing Charts. Chart... | 6.8 - MEDIUM | 2021-02-05 | 2023-03-13 |
| CVE-2020-15187 | In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always u... | 4.7 - MEDIUM | 2020-09-17 | 2021-11-18 |
| CVE-2020-15186 | In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author cou... | 2.7 - LOW | 2020-09-17 | 2021-11-18 |
| CVE-2020-15185 | In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one alwa... | 2.7 - LOW | 2020-09-17 | 2022-08-05 |
| CVE-2020-15184 | In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the `alias` field on a `Chart.yaml` is not properly sanitiz... | 2.7 - LOW | 2020-09-17 | 2021-11-18 |
| CVE-2020-11013 | Their is an information disclosure vulnerability in Helm from version 3.1.0 and before version 3.2.0. `lookup` is a Helm temp... | 5 - MEDIUM | 2020-04-24 | 2020-07-06 |
| CVE-2020-4053 | In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins ... | 6.8 - MEDIUM | 2020-06-16 | 2020-07-06 |
| CVE-2019-1010275 | helm Before 2.7.2 is affected by: CWE-295: Improper Certificate Validation. The impact is: Unauthorized clients could connect... | 9.8 - CRITICAL | 2019-07-17 | 2019-10-09 |
| CVE-2019-1000009 | Helm ChartMuseum version >=0.1.0 and < 0.8.1 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory (... | 6.5 - MEDIUM | 2019-02-04 | 2019-02-08 |
| CVE-2019-1000008 | All versions of Helm between Helm >=2.0.0 and < 2.12.2 contains a CWE-22: Improper Limitation of a Pathname to a Restricted D... | 6.5 - MEDIUM | 2019-02-04 | 2019-02-15 |
| CVE-2019-18658 | In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity... | 9.8 - CRITICAL | 2019-11-12 | 2019-11-14 |
Known software with vulnerabilities from Helm
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Helm | Chartmuseum | 0.1.0 |
| Application | Helm | Helm | 1.0 |