CNNVD-202508-1475 Information

CNNVD ID

CNNVD-202508-1475

Related CVE

CVE-2025-55199

• CNNVD Published: 2025-08-14

Description (Chinese)

Helm是CNCF基金会的一款Kubernetes包管理器。 Helm 3.18.5之前版本存在安全漏洞，该漏洞源于JSON Schema文件处理不当，可能导致内存耗尽。

Description (English)

Helm is a Kubernetes package manager of the CNCF Foundation. There was a security loophole in the previous version of Helm 3.18.5, which stemmed from the mishandling of the JSON Schema document, which could lead to the depletion of the memory.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

CNCF

Published

2025-08-14

Last Modified

2026-02-24

References

https://github.com/helm/helm/security/advisories/GHSA-9h84-qmv7-982p https://github.com/helm/helm/commit/b78692c18f0fb38fe5ba4571a674de067a4c53a5 https://nvd.nist.gov/vuln/detail/CVE-2025-55199

Patch

https://github.com/helm/helm/releases