Описание
Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
A Helm contributor discovered that a specially crafted JSON Schema within a chart can lead to a stack overflow.
Impact
A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow.
Patches
This issue has been resolved in Helm v3.17.3.
Workarounds
Ensure that the JSON Schema within any charts loaded by Helm does not have a large number of nested references. These JSON Schema files are larger than 10 MiB.
For more information
Helm's security policy is spelled out in detail in our SECURITY document.
Credits
Disclosed by Jakub Ciolek at AlphaSense.
Пакеты
helm.sh/helm/v3
< 3.17.3
3.17.3
Связанные уязвимости
Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3.
Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3.
Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3.
Helm is a package manager for Charts for Kubernetes. A JSON Schema fil ...