diff --git a/go.mod b/go.mod
index 23945d8c2f..8a1f1ac899 100644
--- a/go.mod
+++ b/go.mod
@@ -31,7 +31,7 @@ require (
 	golang.org/x/mod v0.15.0
 	google.golang.org/grpc v1.61.0
 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c
-	helm.sh/helm/v3 v3.14.0
+	helm.sh/helm/v3 v3.14.1
 	k8s.io/api v0.29.0
 	k8s.io/apimachinery v0.29.0
 	k8s.io/cli-runtime v0.29.0
diff --git a/go.sum b/go.sum
index 42381b8180..1aedae9734 100644
--- a/go.sum
+++ b/go.sum
@@ -775,8 +775,8 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o=
 gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g=
-helm.sh/helm/v3 v3.14.0 h1:TaZIH6uOchn7L27ptwnnuHJiFrT/BsD4dFdp/HLT2nM=
-helm.sh/helm/v3 v3.14.0/go.mod h1:2itvvDv2WSZXTllknfQo6j7u3VVgMAvm8POCDgYH424=
+helm.sh/helm/v3 v3.14.1 h1:4AwRLx+wfzlPtvrsbDmWP5PUokGmf9/nAmEdk21vae8=
+helm.sh/helm/v3 v3.14.1/go.mod h1:2itvvDv2WSZXTllknfQo6j7u3VVgMAvm8POCDgYH424=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 k8s.io/api v0.29.0 h1:NiCdQMY1QOp1H8lfRyeEf8eOwV6+0xA6XEE44ohDX2A=
diff --git a/vendor/helm.sh/helm/v3/pkg/chart/metadata.go b/vendor/helm.sh/helm/v3/pkg/chart/metadata.go
index 97bfc2c0cd..a08a97cd1d 100644
--- a/vendor/helm.sh/helm/v3/pkg/chart/metadata.go
+++ b/vendor/helm.sh/helm/v3/pkg/chart/metadata.go
@@ -16,6 +16,7 @@ limitations under the License.
 package chart
 
 import (
+	"path/filepath"
 	"strings"
 	"unicode"
 
@@ -110,6 +111,11 @@ func (md *Metadata) Validate() error {
 	if md.Name == "" {
 		return ValidationError("chart.metadata.name is required")
 	}
+
+	if md.Name != filepath.Base(md.Name) {
+		return ValidationErrorf("chart.metadata.name %q is invalid", md.Name)
+	}
+
 	if md.Version == "" {
 		return ValidationError("chart.metadata.version is required")
 	}
diff --git a/vendor/helm.sh/helm/v3/pkg/chartutil/errors.go b/vendor/helm.sh/helm/v3/pkg/chartutil/errors.go
index fcdcc27eaa..0a4046d2e2 100644
--- a/vendor/helm.sh/helm/v3/pkg/chartutil/errors.go
+++ b/vendor/helm.sh/helm/v3/pkg/chartutil/errors.go
@@ -33,3 +33,11 @@ type ErrNoValue struct {
 }
 
 func (e ErrNoValue) Error() string { return fmt.Sprintf("%q is not a value", e.Key) }
+
+type ErrInvalidChartName struct {
+	Name string
+}
+
+func (e ErrInvalidChartName) Error() string {
+	return fmt.Sprintf("%q is not a valid chart name", e.Name)
+}
diff --git a/vendor/helm.sh/helm/v3/pkg/chartutil/save.go b/vendor/helm.sh/helm/v3/pkg/chartutil/save.go
index 2ce4eddaf4..4ee90709c9 100644
--- a/vendor/helm.sh/helm/v3/pkg/chartutil/save.go
+++ b/vendor/helm.sh/helm/v3/pkg/chartutil/save.go
@@ -39,6 +39,10 @@ var headerBytes = []byte("+aHR0cHM6Ly95b3V0dS5iZS96OVV6MWljandyTQo=")
 // directory, writing the chart's contents to that subdirectory.
 func SaveDir(c *chart.Chart, dest string) error {
 	// Create the chart directory
+	err := validateName(c.Name())
+	if err != nil {
+		return err
+	}
 	outdir := filepath.Join(dest, c.Name())
 	if fi, err := os.Stat(outdir); err == nil && !fi.IsDir() {
 		return errors.Errorf("file %s already exists and is not a directory", outdir)
@@ -149,6 +153,10 @@ func Save(c *chart.Chart, outDir string) (string, error) {
 }
 
 func writeTarContents(out *tar.Writer, c *chart.Chart, prefix string) error {
+	err := validateName(c.Name())
+	if err != nil {
+		return err
+	}
 	base := filepath.Join(prefix, c.Name())
 
 	// Pull out the dependencies of a v1 Chart, since there's no way
@@ -242,3 +250,15 @@ func writeToTar(out *tar.Writer, name string, body []byte) error {
 	_, err := out.Write(body)
 	return err
 }
+
+// If the name has directory name has characters which would change the location
+// they need to be removed.
+func validateName(name string) error {
+	nname := filepath.Base(name)
+
+	if nname != name {
+		return ErrInvalidChartName{name}
+	}
+
+	return nil
+}
diff --git a/vendor/helm.sh/helm/v3/pkg/lint/rules/chartfile.go b/vendor/helm.sh/helm/v3/pkg/lint/rules/chartfile.go
index 70532ad4f5..910602b7df 100644
--- a/vendor/helm.sh/helm/v3/pkg/lint/rules/chartfile.go
+++ b/vendor/helm.sh/helm/v3/pkg/lint/rules/chartfile.go
@@ -106,6 +106,10 @@ func validateChartName(cf *chart.Metadata) error {
 	if cf.Name == "" {
 		return errors.New("name is required")
 	}
+	name := filepath.Base(cf.Name)
+	if name != cf.Name {
+		return fmt.Errorf("chart name %q is invalid", cf.Name)
+	}
 	return nil
 }
 
diff --git a/vendor/modules.txt b/vendor/modules.txt
index a9f0762273..613f50194c 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -1326,7 +1326,7 @@ gopkg.in/yaml.v2
 # gopkg.in/yaml.v3 v3.0.1
 ## explicit
 gopkg.in/yaml.v3
-# helm.sh/helm/v3 v3.14.0
+# helm.sh/helm/v3 v3.14.1
 ## explicit; go 1.21
 helm.sh/helm/v3/internal/fileutil
 helm.sh/helm/v3/internal/resolver