CVE-2025-55198 — Vulnetix

CVE-2025-55198 PUBLISHED

Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, when parsing Chart.yaml and index.yaml files, an improper validation of type error can lead to a panic. This issue has been resolved in Helm 3.18.5. A workaround involves ensuring YAML files are formatted as Helm expects prior to processing them with Helm.

EPSS 0.03% · 7.9th percentile

Risk Scores

EPSS Score

0.03%

7.9th percentile

Affected Products

Vendor	Product	Versions
Bitnami	helm	0
Bitnami	helm	0

Timeline

Jan 21, 1970 Security Advisory
Aug 13, 2025 CVE Published
Aug 14, 2025 EPSS Score
Aug 14, 2025 Coalition ESS Score
Aug 14, 2025 CVE Updated
Aug 21, 2025 Coalition ESS Score
Aug 22, 2025 EPSS Score
Aug 26, 2025 Coalition ESS Score
Aug 30, 2025 EPSS Score
Sep 3, 2025 Coalition ESS Score
Sep 8, 2025 EPSS Score
Sep 16, 2025 EPSS Score

References

https://github.com/helm/helm/commit/ec5f59e2db56533d042a124f5bae54dd87b558e6 url
https://github.com/helm/helm/security/advisories/GHSA-f9f8-9pmf-xv68 url
https://nvd.nist.gov/vuln/detail/CVE-2025-55198 url

Open in Interactive Console →