helm vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the helm package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability | Vulnerable Version
  • M CVE-2025-4673 | *
  • H Improper Certificate Validation | *
  • H Asymmetric Resource Consumption (Amplification) | *
  • H Improper Validation of Syntactic Correctness of Input | *
  • H Improper Validation of Syntactic Correctness of Input | *
  • M Improper Input Validation | *
  • M Misinterpretation of Input | *
  • H Resource Exhaustion | *
  • M Placement of User into Incorrect Group | *
  • M Placement of User into Incorrect Group | *
  • L Improper Verification of Cryptographic Signature | *
  • L Improper Verification of Cryptographic Signature | *
  • M Information Exposure | *
  • M Information Exposure | *
  • M Information Exposure | *
  • M Information Exposure | *
  • H Insufficient Entropy | *
  • M Cross-site Scripting (XSS) | *
  • M Resource Exhaustion | *
  • M Improper Input Validation | *
  • M Missing Release of Resource after Effective Lifetime | *
  • L Improper Handling of Exceptional Conditions | *
  • L Insufficient Entropy | *
  • L Insufficient Entropy | *
  • M Loop with Unreachable Exit Condition ('Infinite Loop') | *
  • M Improper Input Validation | *
  • M Buffer Overflow | *
  • M Improperly Controlled Sequential Memory Allocation | *
  • M Integer Overflow or Wraparound | *
  • M Integer Overflow or Wraparound | *
  • M Resource Exhaustion | *
  • M Resource Exhaustion | *
  • M Improper Input Validation | *
  • M Information Exposure | *
  • L Resource Exhaustion | *
  • M Allocation of Resources Without Limits or Throttling | *
  • M CVE-2023-39321 | *
  • M Cross-site Scripting (XSS) | *
  • M Resource Exhaustion | *
  • M Improper Handling of Unicode Encoding | *
  • M Cross-site Scripting (XSS) | *
  • M HTTP Response Splitting | *
  • M Directory Traversal | *
  • M Improper Handling of Unicode Encoding | *
  • M Resource Exhaustion | *
  • M Arbitrary Code Injection | *
  • M Loop with Unreachable Exit Condition ('Infinite Loop') | *
  • M Resource Exhaustion | *
  • M Resource Exhaustion | *
  • M Improperly Controlled Sequential Memory Allocation | *
  • M Information Exposure | *
  • M CVE-2022-41715 | *
  • M Resource Exhaustion | *
  • M Improperly Controlled Sequential Memory Allocation | *
  • M HTTP Request Smuggling | *
  • M Improperly Controlled Sequential Memory Allocation | *
  • M Allocation of Resources Without Limits or Throttling | *
  • M HTTP Request Smuggling | *
  • M Improperly Controlled Sequential Memory Allocation | *
  • M HTTP Request Smuggling | *
  • M Resource Exhaustion | *
  • M Arbitrary Code Injection | *
  • H Improper Handling of Unicode Encoding | *
  • M Use of Uninitialized Variable | *
  • M Use of Uninitialized Variable | *
  • H Arbitrary Argument Injection | *
  • H Memory Leak | *
  • H Memory Leak | *
  • M Information Exposure | *
  • M Information Exposure | *
  • M Information Exposure | *
  • M Information Exposure | *
  • M Misinterpretation of Input | *
  • M NULL Pointer Dereference | *
  • M Allocation of Resources Without Limits or Throttling | *
  • M Resource Exhaustion | *
  • M Resource Exhaustion | *
  • M Resource Exhaustion | *
  • L Arbitrary Code Injection | *
  • M CVE-2020-15187 | *
  • L CVE-2020-15185 | *
  • L Resource Exhaustion | *
  • H Authorization Bypass Through User-Controlled Key | *