{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-35206", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-01T18:48:58.937Z", "datePublished": "2026-04-09T21:02:13.594Z", "dateUpdated": "2026-04-14T14:45:12.096Z"}, "containers": {"cna": {"title": "Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/helm/helm/security/advisories/GHSA-hr2v-4r36-88hr", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/helm/helm/security/advisories/GHSA-hr2v-4r36-88hr"}, {"name": "https://github.com/helm/helm/commit/4e7994d4467182f535b6797c94b5b0e994a91436", "tags": ["x_refsource_MISC"], "url": "https://github.com/helm/helm/commit/4e7994d4467182f535b6797c94b5b0e994a91436"}, {"name": "https://github.com/helm/helm/releases/tag/v4.1.4", "tags": ["x_refsource_MISC"], "url": "https://github.com/helm/helm/releases/tag/v4.1.4"}], "affected": [{"vendor": "helm", "product": "helm", "versions": [{"version": ">= 4.0.0, < 4.1.4", "status": "affected"}, {"version": "< 3.20.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-09T21:02:13.594Z"}, "descriptions": [{"lang": "en", "value": "Helm is a package manager for Charts for Kubernetes. In Helm versions <=3.20.1 and <=4.1.3, a specially crafted Chart will cause helm pull --untar [chart URL | repo/chartname] to write the Chart's contents to the immediate output directory (as defaulted to the current working directory; or as given by the --destination and --untardir flags), rather than the expected output directory suffixed by the chart's name. This vulnerability is fixed in 3.20.2 and 4.1.4."}], "source": {"advisory": "GHSA-hr2v-4r36-88hr", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-14T14:45:03.230344Z", "id": "CVE-2026-35206", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T14:45:12.096Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-35206", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T14:45:03.230344Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T14:45:08.743Z"}}], "cna": {"title": "Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment", "source": {"advisory": "GHSA-hr2v-4r36-88hr", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "helm", "product": "helm", "versions": [{"status": "affected", "version": ">= 4.0.0, < 4.1.4"}, {"status": "affected", "version": "< 3.20.2"}]}], "references": [{"url": "https://github.com/helm/helm/security/advisories/GHSA-hr2v-4r36-88hr", "name": "https://github.com/helm/helm/security/advisories/GHSA-hr2v-4r36-88hr", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/helm/helm/commit/4e7994d4467182f535b6797c94b5b0e994a91436", "name": "https://github.com/helm/helm/commit/4e7994d4467182f535b6797c94b5b0e994a91436", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/helm/helm/releases/tag/v4.1.4", "name": "https://github.com/helm/helm/releases/tag/v4.1.4", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Helm is a package manager for Charts for Kubernetes. In Helm versions <=3.20.1 and <=4.1.3, a specially crafted Chart will cause helm pull --untar [chart URL | repo/chartname] to write the Chart's contents to the immediate output directory (as defaulted to the current working directory; or as given by the --destination and --untardir flags), rather than the expected output directory suffixed by the chart's name. This vulnerability is fixed in 3.20.2 and 4.1.4."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-09T21:02:13.594Z"}}}, "cveMetadata": {"cveId": "CVE-2026-35206", "state": "PUBLISHED", "dateUpdated": "2026-04-14T14:45:12.096Z", "dateReserved": "2026-04-01T18:48:58.937Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-09T21:02:13.594Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*", "matchCriteriaId": "07487FEE-D6F0-42D6-953A-C1C68CFEB0EE", "versionEndExcluding": "3.20.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*", "matchCriteriaId": "800B9949-E36B-45F3-9EA0-CA9DDA3D8868", "versionEndExcluding": "4.1.4", "versionStartIncluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Helm is a package manager for Charts for Kubernetes. In Helm versions <=3.20.1 and <=4.1.3, a specially crafted Chart will cause helm pull --untar [chart URL | repo/chartname] to write the Chart's contents to the immediate output directory (as defaulted to the current working directory; or as given by the --destination and --untardir flags), rather than the expected output directory suffixed by the chart's name. This vulnerability is fixed in 3.20.2 and 4.1.4."}], "id": "CVE-2026-35206", "lastModified": "2026-04-16T20:36:08.770", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-09T21:16:09.993", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/helm/helm/commit/4e7994d4467182f535b6797c94b5b0e994a91436"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/helm/helm/releases/tag/v4.1.4"}, {"source": "security-advisories@github.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://github.com/helm/helm/security/advisories/GHSA-hr2v-4r36-88hr"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "github.com/helm/helm: Helm: Files written to unexpected directory via specially crafted Chart", "id": "2457151", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457151"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "status": "draft"}, "cwe": "CWE-22", "details": ["A flaw was found in Helm, a package manager for Kubernetes. A remote attacker could exploit this vulnerability by providing a specially crafted Chart to the `helm pull --untar` command. This would cause the Chart's contents to be written to an unintended directory, potentially overwriting existing files or placing malicious files in an accessible location, leading to data integrity and availability issues."], "name": "CVE-2026-35206", "package_state": [{"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "rhacs-eng/release-main", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "rhacs-eng/release-operator", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "rhacs-eng/release-roxctl", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "rhacs-eng/release-scanner-v4", "product_name": "Red Hat Advanced Cluster Security 4"}], "public_date": "2026-04-09T21:02:13Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-35206\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-35206\nhttps://github.com/helm/helm/commit/4e7994d4467182f535b6797c94b5b0e994a91436\nhttps://github.com/helm/helm/releases/tag/v4.1.4\nhttps://github.com/helm/helm/security/advisories/GHSA-hr2v-4r36-88hr"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[4.0.0,4.1.4)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.20.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "helm", "source": "cna", "vendor": "helm"}, "product": "helm", "vendor": "helm"}], "analysis": {"en": {"generated_at": "2026-04-09T22:43:14.610403+00:00", "value": {"mitigation_remediation": ["Upgrade Helm to version 3.20.2 or later, or 4.1.4 or later, to eliminate the extraction path collapse.", "Confirm that only trusted and signed chart repositories are used to prevent unauthorized chart delivery.", "Use isolated or dedicated working directories when running Helm to reduce the impact of any remaining extraction issues."], "summary": {"action": "Patch", "impact": "Local File System Modification"}, "threat_synthesis": {"affected_systems": "Helm, the package manager for Kubernetes charts, is affected in all releases older than v3.20.2 and v4.1.4. The issue appears in Helm versions 3.20.1 and earlier and 4.1.3 and earlier. Updating to 3.20.2 or any newer 3.x release, or to 4.1.4 or newer 4.x releases, removes the vulnerability.", "description_and_impact": "A craftable Chart that contains a name with a dot\u2011segment can cause the Helm pull and untar operation to write files into the immediate working directory instead of the intended chart subdirectory. This results in arbitrary file placement or overwrite within the local file system where Helm is executed, potentially allowing a local attacker to replace or corrupt configuration files. The weakness is a file path traversal issue, classified as CWE\u201122.", "risk_and_exploitability": "The CVSS score of 4.8 indicates a medium severity risk. No EPSS data is available, and the vulnerability is not listed in CISA\u2019s KEV catalog. Exploitation requires that the attacker supply or influence the Chart pulled by Helm; thus the attack vector is local to the user running Helm. An attacker who can trick a Helm client into pulling a malicious chart may place files at an arbitrary path within the user\u2019s workspace, which could lead to privilege escalation or disrupt service operation."}}}}, "created": "2026-04-10T08:38:23.482434+00:00", "updated": "2026-04-10T09:29:07.656092+00:00", "vendors": ["helm", "helm$PRODUCT$helm"]}