| CVE-2021-32690 |
medium |
— |
5.5 |
5y ago |
Repository credentials passed to alternate domain in helm.sh/helm/v3 |
|
| CVE-2021-21303 |
low |
— |
2.5 |
5y ago |
Insufficient sanitization of data files in helm.sh/helm/v3 |
|
| CVE-2026-35206 |
unknown |
— |
— |
2mo ago |
Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment |
|
| CVE-2025-55198 |
unknown |
— |
— |
10mo ago |
Helm May Panic Due To Incorrect YAML Content in helm.sh/helm |
|
| CVE-2025-55199 |
unknown |
— |
— |
10mo ago |
Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion in helm.sh/helm |
|
| CVE-2025-53547 |
unknown |
— |
— |
11mo ago |
Helm vulnerable to Code Injection through malicious chart.yaml content in helm.sh/helm |
|
| CVE-2025-32387 |
unknown |
— |
— |
1y ago |
Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow in helm.sh/helm |
|
| CVE-2025-32386 |
unknown |
— |
— |
1y ago |
Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination in helm.sh/helm |
|
| CVE-2019-25210 |
unknown |
— |
— |
2y ago |
Withdrawn Advisory: Helm shows secrets in clear text |
|
| CVE-2024-26147 |
unknown |
— |
— |
2y ago |
Helm's Missing YAML Content Leads To Panic in helm.sh/helm/v3 |
|
| CVE-2024-25620 |
unknown |
— |
— |
2y ago |
Path traversal in helm.sh/helm/v3 |
|
| CVE-2023-25165 |
unknown |
— |
— |
3y ago |
Information disclosure in helm.sh/helm/v3 |
|
| CVE-2022-23526 |
unknown |
— |
— |
4y ago |
Denial of service via schema file in helm.sh/helm/v3 |
|
| CVE-2022-23525 |
unknown |
— |
— |
4y ago |
Denial of service via repository index file in helm.sh/helm/v3 |
|
| CVE-2022-23524 |
unknown |
— |
— |
4y ago |
Denial of service in string value parsing in helm.sh/helm/v3 |
|
| CVE-2022-36055 |
unknown |
— |
— |
4y ago |
Denial of service through string value parsing in helm.sh/helm/v3 |
|
| CVE-2020-4053 |
unknown |
— |
— |
5y ago |
Plugin archive directory traversal in Helm |
|
| CVE-2020-7919 |
unknown |
— |
— |
5y ago |
Panic in certificate parsing in crypto/x509 and golang.org/x/crypto/cryptobyte |
|
| CVE-2020-11013 |
unknown |
— |
— |
5y ago |
Lookup function information discolosure in helm |
|
| CVE-2020-15187 |
unknown |
— |
— |
5y ago |
plugin.yaml file allows for duplicate entries in helm |
|
| CVE-2020-15186 |
unknown |
— |
— |
5y ago |
Improper Sanitizing of plugin names in helm |
|
| CVE-2020-15185 |
unknown |
— |
— |
5y ago |
Repository index file allows for duplicates of the same chart entry in helm |
|
| CVE-2020-15184 |
unknown |
— |
— |
5y ago |
Aliases are never checked in helm |
|