In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.
In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.
In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the `alias` field on a `Chart.yaml` is not properly sanitized. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.
In RunInternal of dumpstate.cpp, there is a possible user consent bypass due to an uncaught exception. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.