pkg:Go/helm.sh/helm/v3

All known vulnerabilities

• HIGH8.5CVE-2025-53547Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution
  >= 3.18.0-rc.1, < 3.18.4
• HIGH8.5CVE-2025-53547Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution
  from 0, < 3.18.4
• HIGH8.5CVE-2020-11013lookup Function Information Discolosure in Helm
  >= 3.0.0, < 3.1.3
• HIGH7.5Helm's Missing YAML Content Leads To Panic
  from 0, < 3.14.2
• HIGH7.5Helm's Missing YAML Content Leads To Panic
  from 0, < 3.14.2
• HIGH7.5Panic in certificate parsing in crypto/x509 and golang.org/x/crypto/cryptobyte
  >= 3.0.0, < 3.1.0
• MEDIUM6.8Repository credentials passed to alternate domain
  from 0, < 3.6.1
• MEDIUM6.8Repository credentials passed to alternate domain
  from 0, < 3.6.1
• MEDIUM6.8Repository credentials passed to alternate domain
  from 0, < 3.6.1
• MEDIUM6.5Helm May Panic Due To Incorrect YAML Content
  from 0, < 3.18.5
• MEDIUM6.5Helm May Panic Due To Incorrect YAML Content
  from 0, < 3.18.5
• MEDIUM6.5Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion
  from 0, < 3.18.5
• MEDIUM6.5Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion
  from 0, < 3.18.5
• MEDIUM6.5Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
  from 0, < 3.17.3
• MEDIUM6.5Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
  from 0, < 3.17.3
• MEDIUM6.5Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination
  from 0, < 3.17.3
• MEDIUM6.5Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination
  from 0, < 3.17.3
• MEDIUM6.5Withdrawn Advisory: Helm shows secrets in clear text
  >= 3.0.0, <= 3.14.2
• MEDIUM6.5Denial of service in Helm
  from 0, < 3.9.4
• MEDIUM6.5Denial of service in Helm
  from 0, < 3.9.4
• MEDIUM6.5Injection attack in Helm
  >= 3.0.0, < 3.5.2
• MEDIUM6.5Injection attack in Helm
  >= 3.0.0, < 3.5.2
• MEDIUM6.4Dependency management path traversal in helm
  from 0, < 3.14.1
• MEDIUM6.4Dependency management path traversal in helm
  from 0, < 3.14.1
• MEDIUM5.3Helm contains Denial of service through schema file
  from 0, < 3.10.3
• MEDIUM5.3Helm contains Denial of service through schema file
  from 0, < 3.10.3
• MEDIUM5.3Helm vulnerable to Denial of service via NULL Pointer Dereference
  from 0, < 3.10.3
• MEDIUM5.3Helm vulnerable to Denial of service via NULL Pointer Dereference
  from 0, < 3.10.3
• MEDIUM5.3Helm vulnerable to Denial of service through string value parsing
  from 0, < 3.10.3
• MEDIUM5.3Helm vulnerable to Denial of service through string value parsing
  from 0, < 3.10.3
• MEDIUM4.3getHostByName Function Information Disclosure
  >= 3.0.0, < 3.11.1
• MEDIUM4.3getHostByName Function Information Disclosure
  from 0, < 3.11.1
• LOW3.7Path Traversal in Helm Plugin Archive
  >= 3.0.0, < 3.2.4
• LOW3.7Aliases are never checked in Helm
  >= 3.0.0, < 3.3.2
• LOW3.4Improper sanitization of plugin names in Helm
  >= 3.0.0, < 3.3.2
• LOW3.0Duplicate plugin entries in Helm
  >= 3.0.0, < 3.3.2
• LOW2.2Duplicated chart entries in Helm
  >= 3.0.0, < 3.3.2
• —Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment
  from 0, < 3.20.2