CVE-2020-4053

low-risk
Published 2020-06-16

In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author to inject a relative path into a plugin archive, and copy a file outside of the intended directory. This has been fixed in 3.2.4.

Do I need to act?

-
0.41% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.7/10 Low
NETWORK / HIGH complexity

Affected Products (1)

Affected Vendors

Helm

References (6)

Patch https://github.com/helm/helm/commit/0ad800ef43d3b826f31a5ad8dfbb4fe05d143688
Release Notes https://github.com/helm/helm/releases/tag/v3.2.4
Vendor Advisory https://github.com/helm/helm/security/advisories/GHSA-qq3j-xp49-j73f
Patch https://github.com/helm/helm/commit/0ad800ef43d3b826f31a5ad8dfbb4fe05d143688
Release Notes https://github.com/helm/helm/releases/tag/v3.2.4
Vendor Advisory https://github.com/helm/helm/security/advisories/GHSA-qq3j-xp49-j73f
20
/ 100
low-risk
Severity 13/34 · Low
Exploitability 2/34 · Minimal
Exposure 5/34 · Minimal