CVE-2019-25210
Description
An issue was discovered in Cloud Native Computing Foundation (CNCF) Helm through 3.13.3. It displays values of secrets when the --dry-run flag is used. This is a security concern in some use cases, such as a --dry-run call by a CI/CD tool. NOTE: the vendor's position is that this behavior was introduced intentionally, and cannot be removed without breaking backwards compatibility (some users may be relying on these values). Also, it is not the Helm Project's responsibility if a user decides to use --dry-run within a CI/CD environment whose output is visible to unauthorized persons.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
helm.sh/helm/v3Go | >= 3.0.0, <= 3.14.2 | — |
Affected products
221- Cloud Native Computing Foundation/Helmdescription
- osv-coords220 versionspkg:apk/chainguard/cert-manager-1.11pkg:apk/chainguard/cert-manager-1.11-acmesolverpkg:apk/chainguard/cert-manager-1.11-cainjectorpkg:apk/chainguard/cert-manager-1.11-controllerpkg:apk/chainguard/cert-manager-1.11-webhookpkg:apk/chainguard/cert-manager-1.12pkg:apk/chainguard/cert-manager-1.12-acmesolverpkg:apk/chainguard/cert-manager-1.12-cainjectorpkg:apk/chainguard/cert-manager-1.12-controllerpkg:apk/chainguard/cert-manager-1.12-webhookpkg:apk/chainguard/cert-manager-1.13pkg:apk/chainguard/cert-manager-1.13-acmesolverpkg:apk/chainguard/cert-manager-1.13-cainjectorpkg:apk/chainguard/cert-manager-1.13-controllerpkg:apk/chainguard/cert-manager-1.13-webhookpkg:apk/chainguard/cert-manager-1.14pkg:apk/chainguard/cert-manager-1.14-acmesolverpkg:apk/chainguard/cert-manager-1.14-cainjectorpkg:apk/chainguard/cert-manager-1.14-controllerpkg:apk/chainguard/cert-manager-1.14-startupapicheckpkg:apk/chainguard/cert-manager-1.14-webhookpkg:apk/chainguard/cert-manager-acmesolver-1.12pkg:apk/chainguard/cert-manager-acmesolver-1.12-bitnami-compatpkg:apk/chainguard/cert-manager-acmesolver-1.12-iamguarded-compatpkg:apk/chainguard/cert-manager-acmesolver-fips-1.12pkg:apk/chainguard/cert-manager-cainjector-1.12pkg:apk/chainguard/cert-manager-cainjector-1.12-bitnami-compatpkg:apk/chainguard/cert-manager-cainjector-1.12-iamguarded-compatpkg:apk/chainguard/cert-manager-cainjector-fips-1.12pkg:apk/chainguard/cert-manager-controller-1.12pkg:apk/chainguard/cert-manager-controller-1.12-bitnami-compatpkg:apk/chainguard/cert-manager-controller-1.12-iamguarded-compatpkg:apk/chainguard/cert-manager-controller-fips-1.12pkg:apk/chainguard/cert-manager-fips-1.12pkg:apk/chainguard/cert-manager-fips-1.12-acmesolverpkg:apk/chainguard/cert-manager-fips-1.12-cainjectorpkg:apk/chainguard/cert-manager-fips-1.12-cmctlpkg:apk/chainguard/cert-manager-fips-1.12-controllerpkg:apk/chainguard/cert-manager-fips-1.12-webhookpkg:apk/chainguard/cert-manager-fips-1.13pkg:apk/chainguard/cert-manager-fips-1.13-acmesolverpkg:apk/chainguard/cert-manager-fips-1.13-cainjectorpkg:apk/chainguard/cert-manager-fips-1.13-cmctlpkg:apk/chainguard/cert-manager-fips-1.13-controllerpkg:apk/chainguard/cert-manager-fips-1.13-webhookpkg:apk/chainguard/cert-manager-fips-1.14pkg:apk/chainguard/cert-manager-fips-1.14-acmesolverpkg:apk/chainguard/cert-manager-fips-1.14-cainjectorpkg:apk/chainguard/cert-manager-fips-1.14-cmctlpkg:apk/chainguard/cert-manager-fips-1.14-controllerpkg:apk/chainguard/cert-manager-fips-1.14-startupapicheckpkg:apk/chainguard/cert-manager-fips-1.14-webhookpkg:apk/chainguard/cert-manager-webhook-1.12pkg:apk/chainguard/cert-manager-webhook-1.12-bitnami-compatpkg:apk/chainguard/cert-manager-webhook-1.12-iamguarded-compatpkg:apk/chainguard/cert-manager-webhook-fips-1.12pkg:apk/chainguard/chartmuseumpkg:apk/chainguard/cilium-clipkg:apk/chainguard/cmctl-1.11pkg:apk/chainguard/cmctl-1.12pkg:apk/chainguard/cmctl-1.12-fipspkg:apk/chainguard/cmctl-1.13pkg:apk/chainguard/cmctl-1.13-fipspkg:apk/chainguard/cmctl-1.14pkg:apk/chainguard/cmctl-1.14-fipspkg:apk/chainguard/cmctl-fips-1.12pkg:apk/chainguard/eksctlpkg:apk/chainguard/fluxcd-source-controller-bitnami-compatpkg:apk/chainguard/flux-helm-controllerpkg:apk/chainguard/flux-helm-controller-0pkg:apk/chainguard/flux-helm-controller-0.37pkg:apk/chainguard/flux-helm-controller-bitnami-compatpkg:apk/chainguard/flux-helm-controller-iamguarded-compatpkg:apk/chainguard/flux-source-controllerpkg:apk/chainguard/flux-source-controller-0pkg:apk/chainguard/flux-source-controller-0.37pkg:apk/chainguard/flux-source-controller-bitnami-compatpkg:apk/chainguard/flux-source-controller-iamguarded-compatpkg:apk/chainguard/helmpkg:apk/chainguard/helm-3pkg:apk/chainguard/helm-4pkg:apk/chainguard/helm-fips-3pkg:apk/chainguard/helm-fips-4pkg:apk/chainguard/helm-operatorpkg:apk/chainguard/helm-operator-compatpkg:apk/chainguard/helm-operator-fipspkg:apk/chainguard/helm-operator-fips-compatpkg:apk/chainguard/helm-pushpkg:apk/chainguard/istio-cni-fips-1.20pkg:apk/chainguard/istio-cni-fips-1.20-compatpkg:apk/chainguard/istio-cni-fips-1.21pkg:apk/chainguard/istio-cni-fips-1.21-compatpkg:apk/chainguard/istio-fips-1.20pkg:apk/chainguard/istio-fips-1.21pkg:apk/chainguard/istio-install-cni-fips-1.20pkg:apk/chainguard/istio-install-cni-fips-1.20-compatpkg:apk/chainguard/istio-install-cni-fips-1.21pkg:apk/chainguard/istio-install-cni-fips-1.21-compatpkg:apk/chainguard/istio-operator-1.19pkg:apk/chainguard/istio-operator-1.20pkg:apk/chainguard/istio-operator-1.21pkg:apk/chainguard/istio-operator-fips-1.19pkg:apk/chainguard/istio-operator-fips-1.20pkg:apk/chainguard/istio-operator-fips-1.21pkg:apk/chainguard/istio-pilot-agent-1.18pkg:apk/chainguard/istio-pilot-agent-1.18-compatpkg:apk/chainguard/istio-pilot-agent-fips-1.20pkg:apk/chainguard/istio-pilot-agent-fips-1.20-compatpkg:apk/chainguard/istio-pilot-agent-fips-1.21pkg:apk/chainguard/istio-pilot-agent-fips-1.21-compatpkg:apk/chainguard/istio-pilot-discovery-1.18pkg:apk/chainguard/istio-pilot-discovery-1.18-compatpkg:apk/chainguard/istio-pilot-discovery-fips-1.20pkg:apk/chainguard/istio-pilot-discovery-fips-1.21pkg:apk/chainguard/k8sgptpkg:apk/chainguard/k9spkg:apk/chainguard/kotspkg:apk/chainguard/kots-compatpkg:apk/chainguard/kots-symlink-compatpkg:apk/chainguard/kubescapepkg:apk/chainguard/kubevelapkg:apk/chainguard/kubevela-vela-clipkg:apk/chainguard/kubevela-vela-corepkg:apk/chainguard/kubevela-vela-core-compatpkg:apk/chainguard/kuma-2.4pkg:apk/chainguard/kuma-2.5pkg:apk/chainguard/kuma-2.6pkg:apk/chainguard/kuma-cni-2.4pkg:apk/chainguard/kuma-cni-2.5pkg:apk/chainguard/kuma-cni-2.6pkg:apk/chainguard/kuma-cni-compat-2.4pkg:apk/chainguard/kuma-cni-compat-2.5pkg:apk/chainguard/kuma-cni-compat-2.6pkg:apk/chainguard/kuma-cp-2.4pkg:apk/chainguard/kuma-cp-2.5pkg:apk/chainguard/kuma-cp-2.6pkg:apk/chainguard/kumactl-2.4pkg:apk/chainguard/kumactl-2.5pkg:apk/chainguard/kumactl-2.6pkg:apk/chainguard/kuma-dp-2.4pkg:apk/chainguard/kuma-dp-2.5pkg:apk/chainguard/kuma-dp-2.6pkg:apk/chainguard/kuma-install-cni-2.4pkg:apk/chainguard/kuma-install-cni-2.5pkg:apk/chainguard/kuma-install-cni-2.6pkg:apk/chainguard/plutopkg:apk/chainguard/pluto-compatpkg:apk/chainguard/trivypkg:apk/chainguard/uppkg:apk/chainguard/vela-clipkg:apk/chainguard/vela-corepkg:apk/chainguard/zarfpkg:apk/chainguard/zotpkg:apk/wolfi/cert-manager-1.11pkg:apk/wolfi/cert-manager-1.11-acmesolverpkg:apk/wolfi/cert-manager-1.11-cainjectorpkg:apk/wolfi/cert-manager-1.11-controllerpkg:apk/wolfi/cert-manager-1.11-webhookpkg:apk/wolfi/cert-manager-1.12pkg:apk/wolfi/cert-manager-1.12-acmesolverpkg:apk/wolfi/cert-manager-1.12-cainjectorpkg:apk/wolfi/cert-manager-1.12-controllerpkg:apk/wolfi/cert-manager-1.12-webhookpkg:apk/wolfi/cert-manager-1.13pkg:apk/wolfi/cert-manager-1.13-acmesolverpkg:apk/wolfi/cert-manager-1.13-cainjectorpkg:apk/wolfi/cert-manager-1.13-controllerpkg:apk/wolfi/cert-manager-1.13-webhookpkg:apk/wolfi/cert-manager-1.14pkg:apk/wolfi/cert-manager-1.14-acmesolverpkg:apk/wolfi/cert-manager-1.14-cainjectorpkg:apk/wolfi/cert-manager-1.14-controllerpkg:apk/wolfi/cert-manager-1.14-startupapicheckpkg:apk/wolfi/cert-manager-1.14-webhookpkg:apk/wolfi/chartmuseumpkg:apk/wolfi/cilium-clipkg:apk/wolfi/cmctl-1.11pkg:apk/wolfi/cmctl-1.12pkg:apk/wolfi/cmctl-1.13pkg:apk/wolfi/cmctl-1.14pkg:apk/wolfi/eksctlpkg:apk/wolfi/fluxcd-source-controller-bitnami-compatpkg:apk/wolfi/flux-helm-controllerpkg:apk/wolfi/flux-helm-controller-bitnami-compatpkg:apk/wolfi/flux-helm-controller-iamguarded-compatpkg:apk/wolfi/flux-source-controllerpkg:apk/wolfi/flux-source-controller-bitnami-compatpkg:apk/wolfi/flux-source-controller-iamguarded-compatpkg:apk/wolfi/helmpkg:apk/wolfi/helm-3pkg:apk/wolfi/helm-4pkg:apk/wolfi/helm-operatorpkg:apk/wolfi/helm-operator-compatpkg:apk/wolfi/helm-pushpkg:apk/wolfi/istio-operator-1.19pkg:apk/wolfi/istio-operator-1.20pkg:apk/wolfi/istio-operator-1.21pkg:apk/wolfi/istio-pilot-agent-1.18pkg:apk/wolfi/istio-pilot-agent-1.18-compatpkg:apk/wolfi/istio-pilot-discovery-1.18pkg:apk/wolfi/istio-pilot-discovery-1.18-compatpkg:apk/wolfi/k8sgptpkg:apk/wolfi/k9spkg:apk/wolfi/kotspkg:apk/wolfi/kots-compatpkg:apk/wolfi/kots-symlink-compatpkg:apk/wolfi/kubescapepkg:apk/wolfi/kubevelapkg:apk/wolfi/kubevela-vela-clipkg:apk/wolfi/kubevela-vela-corepkg:apk/wolfi/kubevela-vela-core-compatpkg:apk/wolfi/plutopkg:apk/wolfi/pluto-compatpkg:apk/wolfi/trivypkg:apk/wolfi/uppkg:apk/wolfi/vela-clipkg:apk/wolfi/vela-corepkg:apk/wolfi/zarfpkg:apk/wolfi/zotpkg:golang/helm.sh/helm/v3
< 0+ 219 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.12.17-r10
- (no CPE)range: < 0
- (no CPE)range: < 1.12.17-r10
- (no CPE)range: < 0
- (no CPE)range: < 1.12.17-r10
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.12.17-r10
- (no CPE)range: < 0
- (no CPE)range: < 1.12.17-r10
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.12.17-r10
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0.16.2-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.21.3-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0.32.4-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0.16.2-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0.32.4-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: >= 3.0.0, <= 3.14.2
Patches
Vulnerability mechanics
References
7News mentions
0No linked articles in our index yet.