CVE-2020-15187

In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform this attack, an attacker must have write access to the git repository or plugin archive (.tgz) while being downloaded (which can occur during a MITM attack on a non-SSL connection). This issue has been patched in Helm 2.16.11 and Helm 3.3.2. As a possible workaround make sure to install plugins using a secure connection protocol like SSL.

In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform this attack, an attacker must have write access to the git repository or plugin archive (.tgz) while being downloaded (which can occur during a MITM attack on a non-SSL connection). This issue has been patched in Helm 2.16.11 and Helm 3.3.2. As a possible workaround make sure to install plugins using a secure connection protocol like SSL.

### Impact During a security audit of Helm's code base, Helm maintainers identified a bug in which a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform this attack, an attacker must have write access to the git repository or plugin archive (.tgz) while being downloaded (which can occur during a MITM attack on a non-SSL connection). ### Patches This issue has been patched in Helm 2.16.11 and Helm 3.3.2. ### Workarounds Make sure to install plugins using a secure connection protocol like SSL.

### Impact During a security audit of Helm's code base, Helm maintainers identified a bug in which a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform this attack, an attacker must have write access to the git repository or plugin archive (.tgz) while being downloaded (which can occur during a MITM attack on a non-SSL connection). ### Patches This issue has been patched in Helm 2.16.11 and Helm 3.3.2. ### Workarounds Make sure to install plugins using a secure connection protocol like SSL.

En Helm versiones anteriores a 2.16.11 y 3.3.2, un plugin de Helm puede contener duplicados de la misma entrada, y siempre se usa la última. Si un plugin está comprometido, esto reduce el nivel de acceso que un atacante necesita para modificar los hooks de instalación de un plugin, causando un ataque de ejecución local. Para llevar a cabo este ataque, un atacante necesita tener acceso de escritura al repositorio de git o al archivo de plugins (.tgz) mientras está siendo descargado (lo que puede ocurrir durante un ataque de tipo MITM en una conexión no SSL). Este problema ha sido corregido en Helm versión 2.16.11 y Helm versión 3.3.2. Como posible solución, asegúrese de instalar plugins usando un protocolo de conexión seguro como SSL