THREATOPS
THREAT OPSThreat News › Charting your way in: Helm template injection

Charting your way in: Helm template injection

lowsynacktiv

During the audit of a Kubernetes cluster, we encountered an injection in a Helm template applied through ArgoCD. To our surprise, very few resources exist regarding YAML injection in vulnerable Helm templates. In this blog post, we will explore this kind of vulnerability and how to prevent its exploitation.

MITRE ATT&CK techniques

Original source: https://www.synacktiv.com/en/publications/charting-your-way-in-helm-template-injection.html