Helm is a tool that streamlines installing and managing Kubernetes applications.getHostByName is a Helm template function introduced in Helm v3. The function is able to accept a hostname and return an IP address for that hostname. To get the IP address the function performs a DNS lookup. The DNS lookup happens when used with helm install|upgrade|template or when the Helm SDK is used to render a chart. Information passed into the chart can be disclosed to the DNS servers used to lookup the IP address. For example, a malicious chart could inject getHostByName into a chart in order to disclose values to a malicious DNS server. The issue has been fixed in Helm 3.11.1. Prior to using a chart with Helm verify the getHostByName function is not being used in a template to disclose any information you do not want passed to DNS servers.
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Helm | Helm | 3.0.0 (including) | 3.11.1 (excluding) |
| Red Hat OpenShift Container Platform 4.12 | RedHat | openshift4/ose-console-operator:v4.12.0-202403060808.p0.g7ea10a2.assembly.stream.el8 | * |
| Red Hat OpenShift Container Platform 4.13 | RedHat | openshift4/ose-console-operator:v4.13.0-202304280015.p0.g0ce3d0b.assembly.stream | * |
| Red Hat OpenShift Container Platform 4.13 | RedHat | openshift4/ose-olm-rukpak-rhel8:v4.13.0-202304190216.p0.g66b3e55.assembly.stream | * |
| Red Hat OpenShift Container Platform 4.14 | RedHat | openshift4/oc-mirror-plugin-rhel8:v4.14.0-202310201027.p0.g68cf97e.assembly.stream | * |
| Red Hat OpenShift Container Platform 4.14 | RedHat | openshift4/ose-azure-cluster-api-controllers-rhel8:v4.14.0-202310201027.p0.gc015df4.assembly.stream | * |
| Red Hat OpenShift Container Platform 4.14 | RedHat | openshift4/ose-cluster-platform-operators-manager-rhel8:v4.14.0-202310201027.p0.g08fb27e.assembly.stream | * |
There are many different kinds of mistakes that introduce information exposures. The severity of the error can range widely, depending on the context in which the product operates, the type of sensitive information that is revealed, and the benefits it may provide to an attacker. Some kinds of sensitive information include:
Information might be sensitive to different parties, each of which may have their own expectations for whether the information should be protected. These parties include:
Information exposures can occur in different ways:
It is common practice to describe any loss of confidentiality as an “information exposure,” but this can lead to overuse of CWE-200 in CWE mapping. From the CWE perspective, loss of confidentiality is a technical impact that can arise from dozens of different weaknesses, such as insecure file permissions or out-of-bounds read. CWE-200 and its lower-level descendants are intended to cover the mistakes that occur in behaviors that explicitly manage, store, transfer, or cleanse sensitive information.