helm.sh/helm/v3 is vulnerable to denial of service. The vulnerability exists because the parser.go
does not properly implement the maximum level of nesting for a value name, allowing an attacker to cause an application crash through stack overflow by passing a malicious string.
CPE | Name | Operator | Version |
---|---|---|---|
helm.sh/helm/v3 | le | v3.10.2 | |
helm.sh/helm/v3 | le | v3.10.2 |