HIGH 8.6 CVE-2026-35204 Helm has a path traversal in plugin metadata version enables arbitrary file write outside Helm plugin directory
>= 4.0.0, < 4.1.4
HIGH 8.5 CVE-2025-53547 Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution
from 0, < 3.18.4
>= 3.1.0, < 3.2.0
HIGH 7.8 Helm's plugin verification fails open when .prov is missing, allowing unsigned plugin install
>= 4.0.0, < 4.1.4
HIGH 7.7 Flux2 Helm Controller denial of service
>= 3.0.0, < 3.9.4
HIGH 7.5 Helm's Missing YAML Content Leads To Panic
from 0, < 3.14.2
MEDIUM 6.8 Repository credentials passed to alternate domain
from 0, < 3.6.1
MEDIUM 6.5 Helm May Panic Due To Incorrect YAML Content
from 0, < 3.18.5
MEDIUM 6.5 Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion
from 0, < 3.18.5
MEDIUM 6.5 Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
from 0, < 3.17.3
MEDIUM 6.5 Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination
from 0, < 3.17.3
MEDIUM 6.5 Denial of service in Helm
>= 3.0.0, < 3.9.4
MEDIUM 6.5 Injection attack in Helm
>= 3.0.0, < 3.5.2
MEDIUM 6.4 Dependency management path traversal in helm
from 0, < 3.14.1
MEDIUM 5.3 Helm contains Denial of service through schema file
>= 3.0.0, < 3.10.3
MEDIUM 5.3 Helm vulnerable to Denial of service via NULL Pointer Dereference
>= 3.0.0, < 3.10.3
MEDIUM 5.3 Helm vulnerable to Denial of service through string value parsing
>= 3.0.0, < 3.10.3
MEDIUM 4.3 getHostByName Function Information Disclosure
>= 3.0.0, < 3.11.1
LOW 3.7 Path Traversal in Helm Plugin Archive
>= 3.0.0, < 3.2.4
LOW 3.7 Aliases are never checked in Helm
>= 2.0.0, < 2.16.11, >= 3.0.0, < 3.3.2
LOW 3.4 Improper sanitization of plugin names in Helm
>= 2.0.0, < 2.16.11, >= 3.0.0, < 3.3.2
LOW 3.0 Duplicate plugin entries in Helm
>= 2.0.0, < 2.16.11, >= 3.0.0, < 3.3.2
LOW 2.2 Duplicated chart entries in Helm
>= 2.0.0, < 2.16.11, >= 3.0.0, < 3.3.2
— Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment
from 0, < 3.20.2, >= 4.0.0, < 4.1.4