| CVE-2021-32690 |
medium |
— |
5.5 |
|
|
|
5y ago |
information disclosure in helm |
| CVE-2021-21303 |
low |
— |
2.5 |
|
|
|
5y ago |
insufficient validation in helm |
| CVE-2026-35206 |
unknown |
— |
— |
|
|
|
2mo ago |
Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment |
| CVE-2025-55198 |
unknown |
— |
— |
|
|
|
10mo ago |
Helm May Panic Due To Incorrect YAML Content in helm.sh/helm |
| CVE-2025-55199 |
unknown |
— |
— |
|
|
|
10mo ago |
Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion in helm.sh/helm |
| CVE-2025-53547 |
unknown |
— |
— |
|
|
|
11mo ago |
Helm vulnerable to Code Injection through malicious chart.yaml content in helm.sh/helm |
| CVE-2025-32387 |
unknown |
— |
— |
|
|
|
1y ago |
Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow in helm.sh/helm |
| CVE-2025-32386 |
unknown |
— |
— |
|
|
|
1y ago |
Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination in helm.sh/helm |
| CVE-2019-25210 |
unknown |
— |
— |
|
|
|
2y ago |
Withdrawn Advisory: Helm shows secrets in clear text |
| CVE-2024-26147 |
unknown |
— |
— |
|
|
|
2y ago |
Helm's Missing YAML Content Leads To Panic in helm.sh/helm/v3 |
| CVE-2024-25620 |
unknown |
— |
— |
|
|
|
2y ago |
Path traversal in helm.sh/helm/v3 |
| CVE-2023-25165 |
unknown |
— |
— |
|
|
|
3y ago |
Information disclosure in helm.sh/helm/v3 |
| CVE-2022-23526 |
unknown |
— |
— |
|
|
|
4y ago |
Denial of service via schema file in helm.sh/helm/v3 |
| CVE-2022-23525 |
unknown |
— |
— |
|
|
|
4y ago |
Denial of service via repository index file in helm.sh/helm/v3 |
| CVE-2022-23524 |
unknown |
— |
— |
|
|
|
4y ago |
Denial of service in string value parsing in helm.sh/helm/v3 |
| CVE-2022-36055 |
unknown |
— |
— |
|
|
|
4y ago |
Denial of service through string value parsing in helm.sh/helm/v3 |
| CVE-2020-4053 |
unknown |
— |
— |
|
|
|
5y ago |
Plugin archive directory traversal in Helm |
| CVE-2020-7919 |
unknown |
— |
— |
|
|
|
5y ago |
Panic in certificate parsing in crypto/x509 and golang.org/x/crypto/cryptobyte |
| CVE-2020-11013 |
unknown |
— |
— |
|
|
|
5y ago |
Lookup function information discolosure in helm |
| CVE-2020-15187 |
unknown |
— |
— |
|
|
|
5y ago |
plugin.yaml file allows for duplicate entries in helm |
| CVE-2020-15186 |
unknown |
— |
— |
|
|
|
5y ago |
Improper Sanitizing of plugin names in helm |
| CVE-2020-15185 |
unknown |
— |
— |
|
|
|
5y ago |
Repository index file allows for duplicates of the same chart entry in helm |
| CVE-2020-15184 |
unknown |
— |
— |
|
|
|
5y ago |
Aliases are never checked in helm |
