CVE-2019-25210
SOURCE - githubSummary
An issue was discovered in Cloud Native Computing Foundation (CNCF) Helm. It displays values of secrets when the --dry-run flag is used. This is a security concern in some use cases, such as a --dry-run call by a CI/CD tool. NOTE: the vendor's position is that this behavior was introduced intentionally, and cannot be removed without breaking backwards compatibility (some users may be relying on these values).
EPSS Score: 0.00045 (0.163)
Common Weakness Enumeration (CWE)
SOURCE - nist
Exposure of Sensitive Information to an Unauthorized Actor
SOURCE - github
Exposure of Sensitive Information to an Unauthorized Actor
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in