Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-1000008

All versions of Helm between Helm >=2.0.0 and < 2.12.2 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The commands `helm fetch --untar` and `helm lint some.tgz` that can result when chart archive files are unpacked a file may be unpacked outside of the target directory. This attack appears to be exploitable via a victim must run a helm command on a specially crafted chart archive. This vulnerability appears to have been fixed in 2.12.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.8%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
Products affected by CVE-2019-1000008
  • Helm » Helm » Version: 2.0.0
    cpe:2.3:a:helm:helm:2.0.0
  • Helm » Helm » Version: 2.0.1
    cpe:2.3:a:helm:helm:2.0.1
  • Helm » Helm » Version: 2.0.2
    cpe:2.3:a:helm:helm:2.0.2
  • Helm » Helm » Version: 2.1.0
    cpe:2.3:a:helm:helm:2.1.0
  • Helm » Helm » Version: 2.1.1
    cpe:2.3:a:helm:helm:2.1.1
  • Helm » Helm » Version: 2.1.2
    cpe:2.3:a:helm:helm:2.1.2
  • Helm » Helm » Version: 2.1.3
    cpe:2.3:a:helm:helm:2.1.3
  • Helm » Helm » Version: 2.10.0
    cpe:2.3:a:helm:helm:2.10.0
  • Helm » Helm » Version: 2.11.0
    cpe:2.3:a:helm:helm:2.11.0
  • Helm » Helm » Version: 2.12.0
    cpe:2.3:a:helm:helm:2.12.0
  • Helm » Helm » Version: 2.12.1
    cpe:2.3:a:helm:helm:2.12.1
  • Helm » Helm » Version: 2.2.0
    cpe:2.3:a:helm:helm:2.2.0
  • Helm » Helm » Version: 2.2.1
    cpe:2.3:a:helm:helm:2.2.1
  • Helm » Helm » Version: 2.2.2
    cpe:2.3:a:helm:helm:2.2.2
  • Helm » Helm » Version: 2.2.3
    cpe:2.3:a:helm:helm:2.2.3
  • Helm » Helm » Version: 2.3.0
    cpe:2.3:a:helm:helm:2.3.0
  • Helm » Helm » Version: 2.3.1
    cpe:2.3:a:helm:helm:2.3.1
  • Helm » Helm » Version: 2.4.0
    cpe:2.3:a:helm:helm:2.4.0
  • Helm » Helm » Version: 2.4.1
    cpe:2.3:a:helm:helm:2.4.1
  • Helm » Helm » Version: 2.4.2
    cpe:2.3:a:helm:helm:2.4.2
  • Helm » Helm » Version: 2.5.0
    cpe:2.3:a:helm:helm:2.5.0
  • Helm » Helm » Version: 2.5.1
    cpe:2.3:a:helm:helm:2.5.1
  • Helm » Helm » Version: 2.6.0
    cpe:2.3:a:helm:helm:2.6.0
  • Helm » Helm » Version: 2.6.1
    cpe:2.3:a:helm:helm:2.6.1
  • Helm » Helm » Version: 2.6.2
    cpe:2.3:a:helm:helm:2.6.2
  • Helm » Helm » Version: 2.7.0
    cpe:2.3:a:helm:helm:2.7.0
  • Helm » Helm » Version: 2.7.1
    cpe:2.3:a:helm:helm:2.7.1
  • Helm » Helm » Version: 2.7.2
    cpe:2.3:a:helm:helm:2.7.2
  • Helm » Helm » Version: 2.8.0
    cpe:2.3:a:helm:helm:2.8.0
  • Helm » Helm » Version: 2.8.1
    cpe:2.3:a:helm:helm:2.8.1
  • Helm » Helm » Version: 2.8.2
    cpe:2.3:a:helm:helm:2.8.2
  • Helm » Helm » Version: 2.9.0
    cpe:2.3:a:helm:helm:2.9.0
  • Helm » Helm » Version: 2.9.1
    cpe:2.3:a:helm:helm:2.9.1


Products
Pricing
Contact Us

Shodan ® - All rights reserved