CVE-2019-25210

SOURCE - github

Summary

An issue was discovered in Cloud Native Computing Foundation (CNCF) Helm. It displays values of secrets when the --dry-run flag is used. This is a security concern in some use cases, such as a --dry-run call by a CI/CD tool. NOTE: the vendor's position is that this behavior was introduced intentionally, and cannot be removed without breaking backwards compatibility (some users may be relying on these values).

EPSS Score⁠: 0.00045 (0.161)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-noinfo⁠

SOURCE - github

CWE-200⁠

Exposure of Sensitive Information to an Unauthorized Actor

SOURCE - gitlab

CWE-1035⁠

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-200⁠

Exposure of Sensitive Information to an Unauthorized Actor

CWE-937⁠

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

Sources (45)

Impacted images

GitHub

CREATED

5 months ago

UPDATED

5 months ago

SOURCE IDGHSA-jw44-4f3j-q396⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-200⁠

CVSS SCORE

N/Amedium

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
helm.sh/helm/v3	golang	-	-	>=3.0.0,<=3.14.2	Not yet available

Severity and metrics

No CVSS data available from this source.

NIST

CREATED

5 months ago

UPDATED

2 months ago

SOURCE IDCVE-2019-25210⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-noinfo⁠

RATING UNAVAILABLE FROM SOURCE

GitLab

CREATED

5 months ago

UPDATED

5 months ago

SOURCE ID

CVE-2019-25210

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-1035⁠CWE-200⁠CWE-937⁠

CVSS SCORE

N/Aunspecified

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

SOURCE ID

CGA-6cw7-c57f-pcxw

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

SOURCE ID

CGA-3765-975m-4wp2

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-2cj2-8mc2-3rx5

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-2359-w7f8-hwcm

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-57wv-cx35-8wwj

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-594h-8wm6-67qq

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-5h54-6x82-6mj7

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

SOURCE ID

CGA-gggw-c957-cc4r

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-gm43-rf72-687v

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-fgqm-2j7g-887c

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-mxvx-4pcp-f7gc

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

SOURCE ID

CGA-wrq5-qjch-p7wf

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

SOURCE ID

CGA-x237-v27j-pwg7

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

SOURCE ID

CGA-2w6c-9967-2m98

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-337p-jfx9-hj55

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-6frq-wh54-6rc8

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-mrx5-p97r-j2f3

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-w3wh-5wj5-7fjq

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-wp67-cpgg-6hjq

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-83w8-8q2w-9vvv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-85vf-9g7x-h648

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-867p-28cp-c6wp

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-88p6-65c2-4888

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

SOURCE ID

CGA-r776-6mc7-f8cc

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-rjwg-33wh-5r8w

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-4w9g-ffhm-3ppm

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-56xq-fvfc-hx7h

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-x9pq-7c2p-q6j2

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

SOURCE ID

CGA-xj2h-hmvh-f742

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-645w-jfx9-2mfx

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

SOURCE ID

CGA-h6vp-m9pp-mfxr

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-hggv-67cc-rjpf

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-c3vw-phcc-7vhv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-jwpw-h2f3-frx4

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-m3fr-q79h-cxqv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-8cpr-3643-vxw8

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-h3mx-jvxm-3p75

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-h674-7fqh-7p26

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-rp7w-g86x-hpg4

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-q4m3-c6hw-6gvv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

SOURCE ID

CGA-q85j-83g4-mpgh

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

SOURCE ID

CGA-x76g-3jw7-c6wg

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE