Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
All versions of Helm between Helm >=2.0.0 and < 2.12.2 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The commands `helm fetch --untar` and `helm lint some.tgz` that can result when chart archive files are unpacked a file may be unpacked outside of the target directory. This attack appears to be exploitable via a victim must run a helm command on a specially crafted chart archive. This vulnerability appears to have been fixed in 2.12.2.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Helm 路径遍历漏洞
Vulnerability Description
helm是一款Kubernetes包管理器。 Helm 2.0.0版本至2.12.2之前的版本中‘helm fetch --untar’和‘helm lint some.tgz’命令存在目录遍历漏洞。攻击者可利用该漏洞覆盖已存在的文件。
CVSS Information
N/A
Vulnerability Type
N/A