RATATOSKRATATOSK
ログイン

Helm

v4.1.4Kubernetes Core
2026年4月9日

Helm v4.1.4 is a security-only patch fixing three vulnerabilities: chart extraction path traversal, plugin signature bypass, and plugin version path traversal enabling arbitrary file writes.

  • securityUpgrade immediately — all three CVEs are exploitable via untrusted input

    Two of these bugs (chart extraction collapse and plugin version path traversal) allow writing files to arbitrary locations on the filesystem. The third lets anyone install an unsigned plugin if they control the distribution channel. If your CI/CD pipeline pulls charts or plugins from external or semi-trusted sources, you are exposed on any Helm version before this patch. Upgrade to v4.1.4 (or v3.20.3 when released April 8) now. Don't wait for a maintenance window.

  • securityAudit your plugin sources before upgrading — unsigned plugins may have slipped through

    The provenance bypass (GHSA-q5jf-9vfq-h4h7) means any Helm installation that had plugin verification enabled could still have installed unsigned plugins if the .prov file was simply absent. Before upgrading, audit installed plugins with 'helm plugin list' and verify their origins manually. After upgrading, reinstall any plugins from official sources to ensure provenance is properly checked.

  • enhancementPin Helm in CI to this exact version now

    If you use a floating version reference like 'latest' or a minor-pinned tag in your CI pipeline, update it to v4.1.4 explicitly. The Helm team also pinned the CodeQL action to a commit SHA in this release — a good reminder to apply the same discipline to your own toolchain dependencies.

主な変更 (4)

  • GHSA-hr2v-4r36-88hr: Malicious Chart.yaml names using dot-segments could collapse extraction paths outside intended directories
  • GHSA-q5jf-9vfq-h4h7: Missing .prov file caused plugin verification to fail open, allowing unsigned plugins to install silently
  • GHSA-vmx8-mqv2-9gmg: Plugin metadata version field accepted path traversal sequences, enabling arbitrary file writes outside the Helm plugin directory
  • No feature changes or behavioral additions — pure security fixes