Improper Validation in Helm Package Manager for Kubernetes
CVE-2025-55198

6.5MEDIUM

Key Information:

Vendor: Helm
Status: Helm
Vendor: CVE Published:; 14 August 2025

What is CVE-2025-55198?

Helm, a widely used package manager for Kubernetes Charts, has a vulnerability that arises from improper validation during the parsing of Chart.yaml and index.yaml files. This flaw can potentially lead to a panic, disrupting the functionality of the application. Users are urged to upgrade to Helm version 3.18.5 or later to mitigate this issue. For those unable to upgrade immediately, a temporary workaround involves ensuring that YAML files are properly formatted according to Helm's requirements prior to processing.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

helm < 3.18.5

References

https://github.com/helm/helm/security/advisories/GHSA-f9f...

x_refsource_CONFIRM

https://github.com/helm/helm/commit/ec5f59e2db56533d042a1...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 14, 2025

JSON

Helm

What is CVE-2025-55198?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.