CVE-2024-25620 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-25620 PUBLISHED

Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies.

EPSS 0.17% · 37.8th percentile

Risk Scores

EPSS Score

0.17%

37.8th percentile

Affected Products

Vendor	Product	Versions
Bitnami	helm	0
Bitnami	helm	0

Timeline

Jan 21, 1970 Security Advisory
Feb 14, 2024 CVE Published
Feb 15, 2024 EPSS Score
Mar 12, 2024 EPSS Score
Apr 8, 2024 EPSS Score
May 4, 2024 EPSS Score
May 31, 2024 EPSS Score
Jun 26, 2024 EPSS Score
Jul 23, 2024 EPSS Score
Aug 18, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 10, 2024 EPSS Score

References

Open in Interactive Console →