PT-2023-19950 · Helm+2

Philipp Stehle · Published 2023-02-08 · Updated 2025-11-28 · CVE-2023-25165

CVSS v3.1: 4.3 Medium

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Helm versions prior to 3.11.1

Description

The getHostByName template function in Helm, introduced in Helm v3, performs a DNS lookup to return an IP address for a given hostname. This function can disclose information passed into the chart to the DNS servers used for the lookup. A malicious chart could exploit this by injecting getHostByName to disclose values to a malicious DNS server. The issue is related to the use of helm install|upgrade|template or the Helm SDK to render a chart.

Recommendations

For Helm versions prior to 3.11.1, update to Helm 3.11.1 to resolve the issue. As a temporary workaround, verify that the getHostByName function is not being used in a template to disclose any information you do not want passed to DNS servers before using a chart with Helm.
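
One way to carry out the temporary workaround before rendering a chart, as an added example that is not part of the advisory or of Helm's own code: a regex-based audit that lists every template action calling getHostByName and marks the ones whose argument is not a plain string literal. The names `scan_template` and `scan_chart` and the sample template are constructed for illustration; subcharts packaged as .tgz are assumed to be unpacked first.

```python
import re
import sys
from pathlib import Path

ACTION = re.compile(r"\{\{-?\s*(.*?)\s*-?\}\}", re.DOTALL)   # one {{ ... }} action
STRING = re.compile(r'"(?:\\.|[^"\\])*"|`[^`]*`')            # Go template string literals

def scan_template(text, name="<template>"):
    """Return one finding per template action that calls getHostByName."""
    findings = []
    for m in ACTION.finditer(text):
        body = m.group(1)
        if body.startswith("/*"):                 # {{/* comment */}} is not a call
            continue
        code = STRING.sub('""', body)             # ignore names inside string literals
        if not re.search(r"\bgetHostByName\b", code):
            continue
        findings.append({
            "file": name,
            "line": text.count("\n", 0, m.start()) + 1,
            "action": " ".join(body.split()),
            # A field (.Values.x) or variable ($x) means chart input reaches the lookup.
            "dynamic": bool(re.search(r"[.$]", code)),
        })
    return findings

def scan_chart(chart_dir):
    """Scan every file under any templates/ directory, unpacked subcharts included."""
    findings = []
    for path in sorted(Path(chart_dir).rglob("*")):
        if path.is_file() and "templates" in path.relative_to(chart_dir).parts[:-1]:
            findings += scan_template(path.read_text(errors="replace"), str(path))
    return findings

# Constructed sample template, not taken from any real chart.
SAMPLE = '''apiVersion: v1
kind: ConfigMap
data:
  {{- /* getHostByName in a comment is not a call */}}
  fixed: {{ getHostByName "registry.example.internal" | quote }}
  resolved: {{ .Values.service.host | getHostByName }}
  note: {{ "getHostByName" | quote }}
'''

if __name__ == "__main__":
    results = scan_chart(sys.argv[1]) if len(sys.argv) > 1 else scan_template(SAMPLE, "sample")
    for hit in results:
        print(f'{hit["file"]}:{hit["line"]}: dynamic={hit["dynamic"]} {hit["action"]}')
    sys.exit(1 if results else 0)
```

Run it with a chart directory as the only argument; a non-zero exit status means at least one getHostByName call needs review, and `dynamic=True` findings are the ones where values passed to the chart can end up in a DNS query.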

Exploit

Fix

Information Disclosure


Weakness Enumeration

Related Identifiers

ALT-PU-2023-1697
ALT-PU-2024-16525
AZL-13300
AZL-13558
BIT-HELM-2023-25165
CVE-2023-25165
GHSA-PWCW-6F5G-GXF8
GO-2023-1547
OPENSUSE-SU-2023:0064-1
OPENSUSE-SU-2024:12667-1
OPENSUSE-SU-2024:12668-1
OPENSUSE-SU-2024:12676-1
OPENSUSE-SU-2024:12682-1
OPENSUSE-SU-2024:12683-1
OPENSUSE-SU-2024:12692-1
OPENSUSE-SU-2024:12695-1
OPENSUSE-SU-2024:12729-1
OPENSUSE-SU-2025:15779-1
SUSE-SU-2023:1571-1
SUSE-SU-2023:1752-1
SUSE-SU-2023:2100-1
SUSE-SU-2023_1571-1
SUSE-SU-2023_1752-1
SUSE-SU-2023_2100-1

Affected Products

Alt Linux
Helm
Suse