Launch Week Day 1: Announcing Security Design Review
Start for Free
go

helm.sh/helm/v3

View on go registry
38 Total advisories
38 Vulnerabilities
0 Malware

Vulnerabilities

UNKNOWN
Go

CVE-2026-35206

Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment
LOW 3.4
Go

CVE-2020-15186

Improper Sanitizing of plugin names in helm
LOW 2.2
Go

CVE-2020-15185

Repository index file allows for duplicates of the same chart entry in helm
UNKNOWN
Go

CVE-2021-32690

Helm passes repository credentials to alternate domain
LOW 3.7
Go

CVE-2020-15184

Aliases are never checked in helm
LOW 3.7
Go

CVE-2020-4053

Plugin archive directory traversal in Helm
MEDIUM 6.5
Go

CVE-2021-21303

Improper Neutralization of Special Elements in Output in helm.sh/helm/v3
HIGH 8.5
Go

CVE-2020-11013

Lookup function information discolosure in helm
LOW 3.0
Go

CVE-2020-15187

plugin.yaml file allows for duplicate entries in helm
MEDIUM 4.3
Go

CVE-2023-25165

Helm vulnerable to information disclosure via getHostByName Function

UNKNOWN
Go

CVE-2022-23524

Denial of service in string value parsing in helm.sh/helm/v3
UNKNOWN
Go

CVE-2022-23526

Denial of service via schema file in helm.sh/helm/v3
UNKNOWN
Go

CVE-2023-25165

Information disclosure in helm.sh/helm/v3
UNKNOWN
Go

CVE-2025-32387

Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow in helm.sh/helm
UNKNOWN
Go

CVE-2021-32690

Repository credentials passed to alternate domain in helm.sh/helm/v3
MEDIUM 6.5
Go

CVE-2025-32386

Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination
UNKNOWN
Go

CVE-2022-23525

Denial of service via repository index file in helm.sh/helm/v3
UNKNOWN
Go

CVE-2025-53547

Helm vulnerable to Code Injection through malicious chart.yaml content in helm.sh/helm
HIGH 7.5
Go

CVE-2020-7919

Helm uses crypto package vulnerable to panic from malformed X.509 certificate
UNKNOWN
Go

CVE-2025-32386

Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination in helm.sh/helm
UNKNOWN
Go

CVE-2024-26147

Helm's Missing YAML Content Leads To Panic in helm.sh/helm/v3
UNKNOWN
Go

CVE-2025-55199

Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion in helm.sh/helm
MEDIUM 6.8
Go

CVE-2021-32690

Duplicate Advisory: Helm passes repository credentials to alternate domain
MEDIUM 6.5
Go

CVE-2025-55199

Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion
MEDIUM 6.5
Go

CVE-2025-55198

Helm May Panic Due To Incorrect YAML Content
HIGH 8.5
Go

CVE-2025-53547

Helm vulnerable to Code Injection through malicious chart.yaml content
MEDIUM 6.5
Go

CVE-2025-32387

Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
UNKNOWN
Go

CVE-2022-36055

Denial of service through string value parsing in helm.sh/helm/v3
HIGH 7.5
Go

CVE-2024-26147

Helm's Missing YAML Content Leads To Panic
MEDIUM 6.5
Go

CVE-2019-25210

Withdrawn Advisory: Helm shows secrets in clear text
MEDIUM 5.3
Go

CVE-2022-23524

Helm vulnerable to denial of service through string value parsing
MEDIUM 6.5
Go

CVE-2022-36055

Helm Vulnerable to denial of service through string value parsing
MEDIUM 5.3
Go

CVE-2022-23526

Helm vulnerable to denial of service through schema file
UNKNOWN
Go

CVE-2024-25620

Path traversal in helm.sh/helm/v3
MEDIUM 6.4
Go

CVE-2024-25620

Helm dependency management path traversal
UNKNOWN
Go

CVE-2025-55198

Helm May Panic Due To Incorrect YAML Content in helm.sh/helm
MEDIUM 5.3
Go

CVE-2022-23525

Helm vulnerable to denial of service through through repository index file
UNKNOWN
Go

CVE-2021-21303

Insufficient sanitization of data files in helm.sh/helm/v3

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes