{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "helm.sh/helm/v3"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "3.5.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-21303"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-74"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-21T14:30:59Z",
    "nvd_published_at": "2021-02-05T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "\nSince Helm 2 was released, a well-documented aspect of Helm is that the Helm chart\u0027s version number MUST follow the SemVer2 specification. In the past, Helm would not permit charts with malformed versions. At some point, a patch was merged that changed this - On a version parse error, the version number was simply passed along as-is. This provided a vector for malicious data to be injected into Helm and potentially used in various ways.\n\nCore maintainers were able to send deceptive information to a terminal screen running the `helm` command, as well as obscure or alter information on the screen. In some cases, we could send codes that terminals used to execute higher-order logic, like clearing a terminal screen.\n\nFurther, during evaluation, the Helm maintainers discovered a few other fields that were not properly sanitized when read out of repository index files. This fix remedies all such cases, and once again enforces SemVer2 policies on version fields.\n\nAll users of the Helm 3 should upgrade.\n\nThose who use Helm as a library should verify that they either sanitize this data on their own, or use the proper Helm API calls to sanitize the data.\n\n### Patches\nThis issue has been resolved in Helm 3.5.2.\n\nWhile this fix does not constitute a breaking change, as all field formatting is now enforced as documented, it is possible that charts that were mistakenly allowed (but invalid) may no longer be available in search indexes. Specifically, **malformed SemVer versions are no longer supported**. This has always been the documented case, but it is true that malformed versions were allowed.\n\nNote that this is the first security release since Helm 2\u0027s final deprecation. Helm 2 was not audited for vulnerability to this issue, and should be assumed vulnerable.",
  "id": "GHSA-c38g-469g-cmgx",
  "modified": "2024-05-31T16:48:30Z",
  "published": "2021-06-23T18:14:40Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21303"
    },
    {
      "type": "WEB",
      "url": "https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-c38g-469g-cmgx"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/helm/helm"
    },
    {
      "type": "WEB",
      "url": "https://github.com/helm/helm/releases/tag/v3.5.2"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2022-1040"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper Neutralization of Special Elements in Output in helm.sh/helm/v3"
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "643A27EB-FF84-4B1D-8FD1-A6CFA877D23C",
              "versionEndExcluding": "3.5.2",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Helm is open-source software which is essentially \"The Kubernetes Package Manager\". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted sources was not properly sanitized. When a SemVer in the `version` field of a chart is invalid, in some cases Helm allows the string to be used \"as is\" without sanitizing. Helm fails to properly sanitized some fields present on Helm repository `index.yaml` files. Helm does not properly sanitized some fields in the `plugin.yaml` file for plugins In some cases, Helm does not properly sanitize the fields in the `Chart.yaml` file. By exploiting these attack vectors, core maintainers were able to send deceptive information to a terminal screen running the `helm` command, as well as obscure or alter information on the screen. In some cases, we could send codes that terminals used to execute higher-order logic, like clearing a terminal screen. Further, during evaluation, the Helm maintainers discovered a few other fields that were not properly sanitized when read out of repository index files. This fix remedies all such cases, and once again enforces SemVer2 policies on version fields. All users of the Helm 3 should upgrade to the fixed version 3.5.2 or later. Those who use Helm as a library should verify that they either sanitize this data on their own, or use the proper Helm API calls to sanitize the data."
    },
    {
      "lang": "es",
      "value": "\"Helm es un software de c\u00f3digo abierto que es esencialmente \"\"The Kubernetes Package Manager\"\". Helm es una herramienta para gestionar Gr\u00e1ficos. Los Gr\u00e1ficos son paquetes de recursos Kubernetes preconfigurados. En Helm versiones desde 3.0 y anteriores a 3.5.2, hab\u00eda algunos casos en los que los datos cargados desde fuentes potencialmente no confiables no eran saneados apropiadamente. Cuando un SemVer en el campo \"\"version\"\" de un gr\u00e1fico no es v\u00e1lido, en algunos casos Helm permite que la cadena sea usada \"\"as is\"\" sin sanearla. Helm no sanea apropiadamente algunos campos presentes en los archivos \"\"index.yaml\"\" del repositorio Helm. Helm no sanea correctamente algunos campos del fichero \"\"plugin.yaml\"\" para los plugins En algunos casos, Helm no sanea apropiadamente los campos del fichero \"\"Chart.yaml\"\". Al explotar estos vectores de ataque, los mantenedores principales fueron capaces de enviar informaci\u00f3n enga\u00f1osa a una pantalla de terminal que ejecutaba el comando \"\"helm\"\", as\u00ed como oscurecer o alterar la informaci\u00f3n en la pantalla. En algunos casos, pod\u00edamos enviar c\u00f3digos que los terminales usaban para ejecutar l\u00f3gica de orden superior, como borrar la pantalla de un terminal. Adem\u00e1s, durante la evaluaci\u00f3n, los mantenedores de Helm detectaron algunos otros campos que no estaban apropiadamente saneados cuando se le\u00edan desde los archivos de \u00edndice del repositorio. Esta correcci\u00f3n remedia todos estos casos, y una vez m\u00e1s aplica las pol\u00edticas de SemVer2 en los campos version. Todos los usuarios de Helm 3 deber\u00edan actualizar a la versi\u00f3n corregida 3.5.2 o posterior. Aquellos que usen Helm como una biblioteca deber\u00edan verificar que sanean estos datos por su cuenta, o que usan las llamadas apropiadas a la API de Helm para sanear los datos"
    }
  ],
  "id": "CVE-2021-21303",
  "lastModified": "2024-11-21T05:47:58.833",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 4.0,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-02-05T22:15:12.640",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/helm/helm/releases/tag/v3.5.2"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/helm/helm/releases/tag/v3.5.2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-74"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

{
  "GSD": {
    "alias": "CVE-2021-21303",
    "description": "Helm is open-source software which is essentially \"The Kubernetes Package Manager\". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted sources was not properly sanitized. When a SemVer in the `version` field of a chart is invalid, in some cases Helm allows the string to be used \"as is\" without sanitizing. Helm fails to properly sanitized some fields present on Helm repository `index.yaml` files. Helm does not properly sanitized some fields in the `plugin.yaml` file for plugins In some cases, Helm does not properly sanitize the fields in the `Chart.yaml` file. By exploiting these attack vectors, core maintainers were able to send deceptive information to a terminal screen running the `helm` command, as well as obscure or alter information on the screen. In some cases, we could send codes that terminals used to execute higher-order logic, like clearing a terminal screen. Further, during evaluation, the Helm maintainers discovered a few other fields that were not properly sanitized when read out of repository index files. This fix remedies all such cases, and once again enforces SemVer2 policies on version fields. All users of the Helm 3 should upgrade to the fixed version 3.5.2 or later. Those who use Helm as a library should verify that they either sanitize this data on their own, or use the proper Helm API calls to sanitize the data.",
    "id": "GSD-2021-21303",
    "references": [
      "https://www.suse.com/security/cve/CVE-2021-21303.html",
      "https://security.archlinux.org/CVE-2021-21303"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-21303"
      ],
      "details": "Helm is open-source software which is essentially \"The Kubernetes Package Manager\". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted sources was not properly sanitized. When a SemVer in the `version` field of a chart is invalid, in some cases Helm allows the string to be used \"as is\" without sanitizing. Helm fails to properly sanitized some fields present on Helm repository `index.yaml` files. Helm does not properly sanitized some fields in the `plugin.yaml` file for plugins In some cases, Helm does not properly sanitize the fields in the `Chart.yaml` file. By exploiting these attack vectors, core maintainers were able to send deceptive information to a terminal screen running the `helm` command, as well as obscure or alter information on the screen. In some cases, we could send codes that terminals used to execute higher-order logic, like clearing a terminal screen. Further, during evaluation, the Helm maintainers discovered a few other fields that were not properly sanitized when read out of repository index files. This fix remedies all such cases, and once again enforces SemVer2 policies on version fields. All users of the Helm 3 should upgrade to the fixed version 3.5.2 or later. Those who use Helm as a library should verify that they either sanitize this data on their own, or use the proper Helm API calls to sanitize the data.",
      "id": "GSD-2021-21303",
      "modified": "2023-12-13T01:23:11.026961Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2021-21303",
        "STATE": "PUBLIC",
        "TITLE": "Injection attack in Helm"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "helm",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003e 3.0, \u003c 3.5.2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "helm"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Helm is open-source software which is essentially \"The Kubernetes Package Manager\". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted sources was not properly sanitized. When a SemVer in the `version` field of a chart is invalid, in some cases Helm allows the string to be used \"as is\" without sanitizing. Helm fails to properly sanitized some fields present on Helm repository `index.yaml` files. Helm does not properly sanitized some fields in the `plugin.yaml` file for plugins In some cases, Helm does not properly sanitize the fields in the `Chart.yaml` file. By exploiting these attack vectors, core maintainers were able to send deceptive information to a terminal screen running the `helm` command, as well as obscure or alter information on the screen. In some cases, we could send codes that terminals used to execute higher-order logic, like clearing a terminal screen. Further, during evaluation, the Helm maintainers discovered a few other fields that were not properly sanitized when read out of repository index files. This fix remedies all such cases, and once again enforces SemVer2 policies on version fields. All users of the Helm 3 should upgrade to the fixed version 3.5.2 or later. Those who use Helm as a library should verify that they either sanitize this data on their own, or use the proper Helm API calls to sanitize the data."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx",
            "refsource": "CONFIRM",
            "url": "https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx"
          },
          {
            "name": "https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a",
            "refsource": "MISC",
            "url": "https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a"
          },
          {
            "name": "https://github.com/helm/helm/releases/tag/v3.5.2",
            "refsource": "MISC",
            "url": "https://github.com/helm/helm/releases/tag/v3.5.2"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-c38g-469g-cmgx",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003e3.0.0 \u003c3.5.2",
          "affected_versions": "All versions after 3.0.0 before 3.5.2",
          "cvss_v2": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-74",
            "CWE-78",
            "CWE-937"
          ],
          "date": "2021-06-23",
          "description": "Helm is open-source software which is essentially \"The Kubernetes Package Manager\". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted sources was not properly sanitized. When a SemVer in the `version` field of a chart is invalid, in some cases Helm allows the string to be used \"as is\" without sanitizing. Helm fails to properly sanitized some fields present on Helm repository `index.yaml` files. Helm does not properly sanitized some fields in the `plugin.yaml` file for plugins In some cases, Helm does not properly sanitize the fields in the `Chart.yaml` file. By exploiting these attack vectors, core maintainers were able to send deceptive information to a terminal screen running the `helm` command, as well as obscure or alter information on the screen. In some cases, we could send codes that terminals used to execute higher-order logic, like clearing a terminal screen. Further, during evaluation, the Helm maintainers discovered a few other fields that were not properly sanitized when read out of repository index files. This fix remedies all such cases, and once again enforces SemVer2 policies on version fields. All users of the Helm 3 should upgrade to the fixed version 3.5.2 or later. Those who use Helm as a library should verify that they either sanitize this data on their own, or use the proper Helm API calls to sanitize the data.",
          "fixed_versions": [
            "3.5.2"
          ],
          "identifier": "CVE-2021-21303",
          "identifiers": [
            "GHSA-c38g-469g-cmgx",
            "CVE-2021-21303"
          ],
          "not_impacted": "All versions up to 3.0.0, all versions starting from 3.5.2",
          "package_slug": "go/github.com/helm/helm",
          "pubdate": "2021-06-23",
          "solution": "Upgrade to version 3.5.2 or above.",
          "title": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
          "urls": [
            "https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx",
            "https://nvd.nist.gov/vuln/detail/CVE-2021-21303",
            "https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a",
            "https://github.com/helm/helm/releases/tag/v3.5.2",
            "https://github.com/advisories/GHSA-c38g-469g-cmgx"
          ],
          "uuid": "f103c508-fabe-4478-8430-d30f62f27a79"
        },
        {
          "affected_range": "\u003e=3.0 \u003c3.5.1",
          "affected_versions": "All versions starting from 3.0 before 3.5.1",
          "cvss_v2": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-74",
            "CWE-78",
            "CWE-937"
          ],
          "date": "2021-06-23",
          "description": "Helm is open-source software which is essentially \"The Kubernetes Package Manager\". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted sources was not properly sanitized. When a SemVer in the `version` field of a chart is invalid, in some cases Helm allows the string to be used \"as is\" without sanitizing. Helm fails to properly sanitized some fields present on Helm repository `index.yaml` files. Helm does not properly sanitized some fields in the `plugin.yaml` file for plugins In some cases, Helm does not properly sanitize the fields in the `Chart.yaml` file. By exploiting these attack vectors, core maintainers were able to send deceptive information to a terminal screen running the `helm` command, as well as obscure or alter information on the screen. In some cases, we could send codes that terminals used to execute higher-order logic, like clearing a terminal screen. Further, during evaluation, the Helm maintainers discovered a few other fields that were not properly sanitized when read out of repository index files. This fix remedies all such cases, and once again enforces SemVer2 policies on version fields. All users of the Helm 3 should upgrade to the fixed version 3.5.2 or later. Those who use Helm as a library should verify that they either sanitize this data on their own, or use the proper Helm API calls to sanitize the data.",
          "fixed_versions": [
            "3.5.1"
          ],
          "identifier": "CVE-2021-21303",
          "identifiers": [
            "GHSA-c38g-469g-cmgx",
            "CVE-2021-21303"
          ],
          "not_impacted": "All versions before 3.0, all versions starting from 3.5.1",
          "package_slug": "go/helm.sh/helm/v3",
          "pubdate": "2021-06-23",
          "solution": "Upgrade to version 3.5.1 or above.",
          "title": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
          "urls": [
            "https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx",
            "https://nvd.nist.gov/vuln/detail/CVE-2021-21303",
            "https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a",
            "https://github.com/helm/helm/releases/tag/v3.5.2",
            "https://github.com/advisories/GHSA-c38g-469g-cmgx"
          ],
          "uuid": "b40620d6-7a1b-489a-b5f7-847bf014c376"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.5.2",
                "versionStartIncluding": "3.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-21303"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Helm is open-source software which is essentially \"The Kubernetes Package Manager\". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted sources was not properly sanitized. When a SemVer in the `version` field of a chart is invalid, in some cases Helm allows the string to be used \"as is\" without sanitizing. Helm fails to properly sanitized some fields present on Helm repository `index.yaml` files. Helm does not properly sanitized some fields in the `plugin.yaml` file for plugins In some cases, Helm does not properly sanitize the fields in the `Chart.yaml` file. By exploiting these attack vectors, core maintainers were able to send deceptive information to a terminal screen running the `helm` command, as well as obscure or alter information on the screen. In some cases, we could send codes that terminals used to execute higher-order logic, like clearing a terminal screen. Further, during evaluation, the Helm maintainers discovered a few other fields that were not properly sanitized when read out of repository index files. This fix remedies all such cases, and once again enforces SemVer2 policies on version fields. All users of the Helm 3 should upgrade to the fixed version 3.5.2 or later. Those who use Helm as a library should verify that they either sanitize this data on their own, or use the proper Helm API calls to sanitize the data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-74"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx"
            },
            {
              "name": "https://github.com/helm/helm/releases/tag/v3.5.2",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://github.com/helm/helm/releases/tag/v3.5.2"
            },
            {
              "name": "https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/helm/helm/commit/6ce9ba60b73013857e2e7c73d3f86ed70bc1ac9a"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.3,
          "impactScore": 4.0
        }
      },
      "lastModifiedDate": "2023-03-13T17:26Z",
      "publishedDate": "2021-02-05T22:15Z"
    }
  }
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Db2 Warehouse on Cloud Pak for Data versions ant\u00e9rieures \u00e0 v4.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Control Center versions ant\u00e9rieures \u00e0 6.2.1.0 iFix09",
      "product": {
        "name": "Sterling Control Center",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Db2 on Cloud Pak for Data versions ant\u00e9rieures \u00e0 v4.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Watson Discovery versions ant\u00e9rieures \u00e0 4.6.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-21303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21303"
    },
    {
      "name": "CVE-2016-1000023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000023"
    },
    {
      "name": "CVE-2022-3515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
    },
    {
      "name": "CVE-2022-36055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36055"
    },
    {
      "name": "CVE-2021-32690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32690"
    },
    {
      "name": "CVE-2022-29526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
    },
    {
      "name": "CVE-2022-30633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
    },
    {
      "name": "CVE-2022-28131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
    },
    {
      "name": "CVE-2022-42889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
    },
    {
      "name": "CVE-2022-41296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41296"
    },
    {
      "name": "CVE-2022-34903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
    },
    {
      "name": "CVE-2022-3172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3172"
    },
    {
      "name": "CVE-2022-41297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41297"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    }
  ],
  "initial_release_date": "2022-12-01T00:00:00",
  "last_revision_date": "2022-12-01T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-1069",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-12-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6840941 du 30 novembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6840941"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6842547 du 30 novembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6842547"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6840925 du 30 novembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6840925"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6843071 du 30 novembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6843071"
    }
  ]
}