The Helm project has a common process and policy that can be found here.
Security: helm/helm
SECURITY.md
- Incorrect YAML Content Leads To Panic (GHSA-f9f8-9pmf-xv68), published Aug 13, 2025 by robertsirc. Severity: Moderate
- Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion (GHSA-9h84-qmv7-982p), published Aug 13, 2025 by robertsirc. Severity: Moderate
- Chart Dependency Updating With Malicious Chart.yaml Content And Symlink (GHSA-557j-xg8c-q2mm), published Jul 8, 2025 by robertsirc. Severity: High
- Specially Crafted JSON Schema Can Cause Stack Overflow (GHSA-5xqw-8hwv-wg92), published Apr 9, 2025 by robertsirc. Severity: Moderate
- Specially Crafted Chart Archive Can Cause Out Of Memory Termination (GHSA-4hfp-h4cw-hj8p), published Apr 9, 2025 by robertsirc. Severity: Moderate
- Missing YAML Content Leads To Panic (GHSA-r53h-jv2g-vpx6), published Feb 21, 2024 by mattfarina. Severity: Moderate
- Dependency management path traversal (GHSA-v53g-5gjp-272r), published Feb 14, 2024 by mattfarina. Severity: Moderate
- getHostByName Function Information Disclosure (GHSA-pwcw-6f5g-gxf8), published Feb 8, 2023 by mattfarina. Severity: Low
- Denial of service through string value parsing (GHSA-6rx9-889q-vv2r), published Dec 14, 2022 by hickeyma. Severity: Moderate
- Denial of service through through repository index file (GHSA-53c4-hhmh-vw5q), published Dec 14, 2022 by hickeyma. Severity: Moderate
Learn more about advisories related to helm/helm in the GitHub Advisory Database