exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2020-15186

больше 5 лет назад

In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to `helm --help`. This issue has been patched in Helm 3.3.2. A possible workaround is to not install untrusted Helm plugins. Examine the `name` field in the `plugin.yaml` file for a plugin, looking for characters outside of the [a-zA-Z0-9._-] range.

CVSS3: 2.7

EPSS: Низкий

CVE-2020-15186

больше 5 лет назад

In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to `helm --help`. This issue has been patched in Helm 3.3.2. A possible workaround is to not install untrusted Helm plugins. Examine the `name` field in the `plugin.yaml` file for a plugin, looking for characters outside of the [a-zA-Z0-9._-] range.

CVSS3: 3.4

EPSS: Низкий

CVE-2020-15186

больше 5 лет назад

In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitiz ...

CVSS3: 3.4

EPSS: Низкий

GHSA-m54r-vrmv-hw33

больше 4 лет назад

Improper Sanitizing of plugin names in helm

CVSS3: 3.4

EPSS: Низкий

SUSE-SU-2020:3760-1

около 5 лет назад

Security changes in Kubernetes, etcd, and helm; Bugfix in cri-o package

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2020-15186 In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to `helm --help`. This issue has been patched in Helm 3.3.2. A possible workaround is to not install untrusted Helm plugins. Examine the `name` field in the `plugin.yaml` file for a plugin, looking for characters outside of the [a-zA-Z0-9._-] range.	CVSS3: 2.7	0% Низкий	больше 5 лет назад
CVE-2020-15186 In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to `helm --help`. This issue has been patched in Helm 3.3.2. A possible workaround is to not install untrusted Helm plugins. Examine the `name` field in the `plugin.yaml` file for a plugin, looking for characters outside of the [a-zA-Z0-9._-] range.	CVSS3: 3.4	0% Низкий	больше 5 лет назад
CVE-2020-15186 In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitiz ...	CVSS3: 3.4	0% Низкий	больше 5 лет назад
GHSA-m54r-vrmv-hw33 Improper Sanitizing of plugin names in helm	CVSS3: 3.4	0% Низкий	больше 4 лет назад
SUSE-SU-2020:3760-1 Security changes in Kubernetes, etcd, and helm; Bugfix in cri-o package			около 5 лет назад

Уязвимостей на страницу