Description

Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory (OOM) termination. This issue has been resolved in Helm 3.18.5. A workaround involves ensuring all Helm charts that are being loaded into Helm do not have any reference of $ref pointing to /dev/zero.

INFO

Published Date :

2025-08-13T23:23:43.304Z

Last Modified :

2025-08-14T14:50:39.218Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-55199 vulnerability.

Vendors Products
Helm
  • Helm
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-55199.

URL Resource
https://github.com/helm/helm/commit/b78692c18f0fb38fe5ba4571a674de067a4c53a5 cve-icon cve-icon cve-icon
https://github.com/helm/helm/security/advisories/GHSA-9h84-qmv7-982p cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-55199 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-55199 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact