Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2020-15185

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker must have write access to the index file (which can occur during a MITM attack on a non-SSL connection). This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review the index file in the Helm repository cache before installing software.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.7%
CVSS Severity
CVSS v3 Score 2.2
CVSS v2 Score 4.0
Products affected by CVE-2020-15185
  • Helm » Helm » Version: 2.0.0
    cpe:2.3:a:helm:helm:2.0.0
  • Helm » Helm » Version: 2.0.1
    cpe:2.3:a:helm:helm:2.0.1
  • Helm » Helm » Version: 2.0.2
    cpe:2.3:a:helm:helm:2.0.2
  • Helm » Helm » Version: 2.1.0
    cpe:2.3:a:helm:helm:2.1.0
  • Helm » Helm » Version: 2.1.1
    cpe:2.3:a:helm:helm:2.1.1
  • Helm » Helm » Version: 2.1.2
    cpe:2.3:a:helm:helm:2.1.2
  • Helm » Helm » Version: 2.1.3
    cpe:2.3:a:helm:helm:2.1.3
  • Helm » Helm » Version: 2.10.0
    cpe:2.3:a:helm:helm:2.10.0
  • Helm » Helm » Version: 2.11.0
    cpe:2.3:a:helm:helm:2.11.0
  • Helm » Helm » Version: 2.12.0
    cpe:2.3:a:helm:helm:2.12.0
  • Helm » Helm » Version: 2.12.1
    cpe:2.3:a:helm:helm:2.12.1
  • Helm » Helm » Version: 2.12.2
    cpe:2.3:a:helm:helm:2.12.2
  • Helm » Helm » Version: 2.12.3
    cpe:2.3:a:helm:helm:2.12.3
  • Helm » Helm » Version: 2.13.0
    cpe:2.3:a:helm:helm:2.13.0
  • Helm » Helm » Version: 2.13.1
    cpe:2.3:a:helm:helm:2.13.1
  • Helm » Helm » Version: 2.14.0
    cpe:2.3:a:helm:helm:2.14.0
  • Helm » Helm » Version: 2.14.1
    cpe:2.3:a:helm:helm:2.14.1
  • Helm » Helm » Version: 2.14.2
    cpe:2.3:a:helm:helm:2.14.2
  • Helm » Helm » Version: 2.14.3
    cpe:2.3:a:helm:helm:2.14.3
  • Helm » Helm » Version: 2.15.0
    cpe:2.3:a:helm:helm:2.15.0
  • Helm » Helm » Version: 2.15.1
    cpe:2.3:a:helm:helm:2.15.1
  • Helm » Helm » Version: 2.15.2
    cpe:2.3:a:helm:helm:2.15.2
  • Helm » Helm » Version: 2.16.0
    cpe:2.3:a:helm:helm:2.16.0
  • Helm » Helm » Version: 2.16.1
    cpe:2.3:a:helm:helm:2.16.1
  • Helm » Helm » Version: 2.16.10
    cpe:2.3:a:helm:helm:2.16.10
  • Helm » Helm » Version: 2.16.2
    cpe:2.3:a:helm:helm:2.16.2
  • Helm » Helm » Version: 2.16.3
    cpe:2.3:a:helm:helm:2.16.3
  • Helm » Helm » Version: 2.16.4
    cpe:2.3:a:helm:helm:2.16.4
  • Helm » Helm » Version: 2.16.5
    cpe:2.3:a:helm:helm:2.16.5
  • Helm » Helm » Version: 2.16.6
    cpe:2.3:a:helm:helm:2.16.6
  • Helm » Helm » Version: 2.16.7
    cpe:2.3:a:helm:helm:2.16.7
  • Helm » Helm » Version: 2.16.8
    cpe:2.3:a:helm:helm:2.16.8
  • Helm » Helm » Version: 2.16.9
    cpe:2.3:a:helm:helm:2.16.9
  • Helm » Helm » Version: 2.2.0
    cpe:2.3:a:helm:helm:2.2.0
  • Helm » Helm » Version: 2.2.1
    cpe:2.3:a:helm:helm:2.2.1
  • Helm » Helm » Version: 2.2.2
    cpe:2.3:a:helm:helm:2.2.2
  • Helm » Helm » Version: 2.2.3
    cpe:2.3:a:helm:helm:2.2.3
  • Helm » Helm » Version: 2.3.0
    cpe:2.3:a:helm:helm:2.3.0
  • Helm » Helm » Version: 2.3.1
    cpe:2.3:a:helm:helm:2.3.1
  • Helm » Helm » Version: 2.4.0
    cpe:2.3:a:helm:helm:2.4.0
  • Helm » Helm » Version: 2.4.1
    cpe:2.3:a:helm:helm:2.4.1
  • Helm » Helm » Version: 2.4.2
    cpe:2.3:a:helm:helm:2.4.2
  • Helm » Helm » Version: 2.5.0
    cpe:2.3:a:helm:helm:2.5.0
  • Helm » Helm » Version: 2.5.1
    cpe:2.3:a:helm:helm:2.5.1
  • Helm » Helm » Version: 2.6.0
    cpe:2.3:a:helm:helm:2.6.0
  • Helm » Helm » Version: 2.6.1
    cpe:2.3:a:helm:helm:2.6.1
  • Helm » Helm » Version: 2.6.2
    cpe:2.3:a:helm:helm:2.6.2
  • Helm » Helm » Version: 2.7.0
    cpe:2.3:a:helm:helm:2.7.0
  • Helm » Helm » Version: 2.7.1
    cpe:2.3:a:helm:helm:2.7.1
  • Helm » Helm » Version: 2.7.2
    cpe:2.3:a:helm:helm:2.7.2
  • Helm » Helm » Version: 2.8.0
    cpe:2.3:a:helm:helm:2.8.0
  • Helm » Helm » Version: 2.8.1
    cpe:2.3:a:helm:helm:2.8.1
  • Helm » Helm » Version: 2.8.2
    cpe:2.3:a:helm:helm:2.8.2
  • Helm » Helm » Version: 2.9.0
    cpe:2.3:a:helm:helm:2.9.0
  • Helm » Helm » Version: 2.9.1
    cpe:2.3:a:helm:helm:2.9.1
  • Helm » Helm » Version: 3.0.0
    cpe:2.3:a:helm:helm:3.0.0
  • Helm » Helm » Version: 3.0.1
    cpe:2.3:a:helm:helm:3.0.1
  • Helm » Helm » Version: 3.0.2
    cpe:2.3:a:helm:helm:3.0.2
  • Helm » Helm » Version: 3.0.3
    cpe:2.3:a:helm:helm:3.0.3
  • Helm » Helm » Version: 3.1.0
    cpe:2.3:a:helm:helm:3.1.0
  • Helm » Helm » Version: 3.1.1
    cpe:2.3:a:helm:helm:3.1.1
  • Helm » Helm » Version: 3.1.2
    cpe:2.3:a:helm:helm:3.1.2
  • Helm » Helm » Version: 3.1.3
    cpe:2.3:a:helm:helm:3.1.3
  • Helm » Helm » Version: 3.2.0
    cpe:2.3:a:helm:helm:3.2.0
  • Helm » Helm » Version: 3.2.1
    cpe:2.3:a:helm:helm:3.2.1
  • Helm » Helm » Version: 3.2.2
    cpe:2.3:a:helm:helm:3.2.2
  • Helm » Helm » Version: 3.2.3
    cpe:2.3:a:helm:helm:3.2.3
  • Helm » Helm » Version: 3.2.4
    cpe:2.3:a:helm:helm:3.2.4
  • Helm » Helm » Version: 3.3.0
    cpe:2.3:a:helm:helm:3.3.0
  • Helm » Helm » Version: 3.3.1
    cpe:2.3:a:helm:helm:3.3.1


Products
Pricing
Contact Us

Shodan ® - All rights reserved