CVE-2025-55199

Medium CVSS: 6.5

Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory (OOM) termination. This issue has been resolved in Helm 3.18.5. A workaround involves ensuring all Helm charts that are being loaded into Helm do not have any reference of $ref pointing to /dev/zero.

Vendor

Helm

Product

Helm

CWE

CWE-770

Yayın Tarihi

2025-08-14 00:15:27

Güncelleme

2025-08-21 21:25:20

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-770 Helm MEDIUM Helm 2025

Referanslar

https://github.com/helm/helm/commit/b78692c18f0fb38fe5ba4571a674de067a4c53a5 https://github.com/helm/helm/security/advisories/GHSA-9h84-qmv7-982p

Benzer Kayıtlar

Medium

CVE-2025-55198

Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, when parsing Chart.yaml and index.yaml fil…

High

CVE-2025-53547

Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a s…

Medium

CVE-2025-32386

Helm is a tool for managing Charts. A chart archive file can be crafted in a manner where it expands to be significantly…

Medium

CVE-2025-32387

Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nest…