CVE-2019-18658 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2019-18658 Interim 1 26 2025-08-14T01:55:23Z current 2021-05-30T14:32:53Z 2025-08-14T01:55:23Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2019-18658 In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc/passwd, or to execute a denial of service (DoS) via a special file such as /dev/urandom, via symlinks. No version of Tiller is known to be impacted. This is a client-only issue. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2020-January/006339.html E-Mail link for SUSE-CU-2020:10-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006340.html E-Mail link for SUSE-CU-2020:11-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006344.html E-Mail link for SUSE-CU-2020:12-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006345.html E-Mail link for SUSE-CU-2020:13-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006346.html E-Mail link for SUSE-CU-2020:14-1 https://lists.suse.com/pipermail/sle-updates/2020-January/013459.html E-Mail link for SUSE-RU-2020:0090-1 https://lists.suse.com/pipermail/sle-updates/2020-January/013457.html E-Mail link for SUSE-RU-2020:0091-1 https://lists.suse.com/pipermail/sle-security-updates/2022-May/011203.html E-Mail link for SUSE-SU-2022:1888-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Enterprise Storage 7 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP4 SUSE Linux Enterprise Module for Containers 15 SP5 SUSE Linux Enterprise Module for Containers 15 SP6 SUSE Linux Enterprise Module for Containers 15 SP7 SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP4 SUSE Linux Enterprise Server 15 SP4-TERADATA SUSE Linux Enterprise Module for Containers 15 SP5 SUSE Linux Enterprise Module for Containers 15 SP6 SUSE Linux Enterprise Module for Containers 15 SP7 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP4 SUSE Linux Enterprise Module for Containers 15 SP5 SUSE Linux Enterprise Module for Containers 15 SP6 SUSE Linux Enterprise Module for Containers 15 SP7 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP4 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP4 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP4 openSUSE Leap 15.3 openSUSE Leap 15.4 openSUSE Tumbleweed helm helm-bash-completion helm-mirror helm-mirror-0.3.1-1.9 helm-mirror-0.3.1-150000.1.13.1 helm-zsh-completion release-notes-caasp helm-mirror-0.3.1-150000.1.13.1 as a component of SUSE Linux Enterprise Module for Containers 15 SP3 helm-mirror-0.3.1-150000.1.13.1 as a component of SUSE Linux Enterprise Module for Containers 15 SP4 helm-mirror-0.3.1-150000.1.13.1 as a component of SUSE Linux Enterprise Module for Containers 15 SP5 helm-mirror-0.3.1-150000.1.13.1 as a component of SUSE Linux Enterprise Module for Containers 15 SP6 helm-mirror-0.3.1-150000.1.13.1 as a component of SUSE Linux Enterprise Module for Containers 15 SP7 helm-mirror-0.3.1-150000.1.13.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA helm-mirror-0.3.1-150000.1.13.1 as a component of openSUSE Leap 15.3 helm-mirror-0.3.1-150000.1.13.1 as a component of openSUSE Leap 15.4 helm-mirror-0.3.1-1.9 as a component of openSUSE Tumbleweed helm-mirror as a component of SUSE CaaS Platform 4.0 release-notes-caasp as a component of SUSE CaaS Platform 4.0 helm-mirror as a component of SUSE Enterprise Storage 6 helm-mirror as a component of SUSE Enterprise Storage 7 helm-mirror as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS helm-mirror as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS helm as a component of SUSE Linux Enterprise Module for Containers 15 SP3 helm-bash-completion as a component of SUSE Linux Enterprise Module for Containers 15 SP3 helm-zsh-completion as a component of SUSE Linux Enterprise Module for Containers 15 SP3 helm as a component of SUSE Linux Enterprise Module for Containers 15 SP4 helm-bash-completion as a component of SUSE Linux Enterprise Module for Containers 15 SP4 helm-zsh-completion as a component of SUSE Linux Enterprise Module for Containers 15 SP4 helm-mirror as a component of SUSE Linux Enterprise Server 15 SP1-LTSS helm-mirror as a component of SUSE Linux Enterprise Server 15 SP2-LTSS helm-mirror as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 helm-mirror as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc/passwd, or to execute a denial of service (DoS) via a special file such as /dev/urandom, via symlinks. No version of Tiller is known to be impacted. This is a client-only issue. CVE-2019-18658 SUSE Linux Enterprise Module for Containers 15 SP3:helm-mirror-0.3.1-150000.1.13.1 SUSE Linux Enterprise Module for Containers 15 SP4:helm-mirror-0.3.1-150000.1.13.1 SUSE Linux Enterprise Module for Containers 15 SP5:helm-mirror-0.3.1-150000.1.13.1 SUSE Linux Enterprise Module for Containers 15 SP6:helm-mirror-0.3.1-150000.1.13.1 SUSE Linux Enterprise Module for Containers 15 SP7:helm-mirror-0.3.1-150000.1.13.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:helm-mirror-0.3.1-150000.1.13.1 openSUSE Leap 15.3:helm-mirror-0.3.1-150000.1.13.1 openSUSE Leap 15.4:helm-mirror-0.3.1-150000.1.13.1 openSUSE Tumbleweed:helm-mirror-0.3.1-1.9 SUSE Linux Enterprise Module for Containers 15 SP3:helm SUSE Linux Enterprise Module for Containers 15 SP3:helm-bash-completion SUSE Linux Enterprise Module for Containers 15 SP3:helm-zsh-completion SUSE Linux Enterprise Module for Containers 15 SP4:helm SUSE Linux Enterprise Module for Containers 15 SP4:helm-bash-completion SUSE Linux Enterprise Module for Containers 15 SP4:helm-zsh-completion moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L