10 matches found
EUVD-2025-24646
Malicious code in bioql PyPI...
EUVD-2025-24647
Malicious code in bioql PyPI...
BIT-HELM-2025-55199 Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and suffer an out-of-memory (OOM) termination. This issue has been resolved in Helm 3.18.5. A workaround involves...
CVE-2025-55199
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and suffer an out-of-memory (OOM) termination. This issue has been resolved in Helm 3.18.5. A workaround involves...
CVE-2025-55198
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, when parsing Chart.yaml and index.yaml files, an improper validation of type error can lead to a panic. This issue has been resolved in Helm 3.18.5. A workaround involves ensuring YAML files are formatted as Helm expect...
Use of Uninitialized Resource
Overview: Affected versions of this package are vulnerable to Use of Uninitialized Resource via improper validation when parsing Chart.yaml and index.yaml files. An attacker can cause a panic in the application by providing malformed or unexpected YAML content, such as a null maintainer, non-strin...
GHSA-F9F8-9PMF-XV68 Helm May Panic Due To Incorrect YAML Content
A Helm contributor discovered an improper validation of type error when parsing Chart.yaml and index.yaml files that can lead to a panic. Impact: There are two areas of YAML validation that were impacted. First, when a Chart.yaml file had a null maintainer or the child or parent of a dependencies...
CVE-2025-55198
CVE-2025-55198 affects Helm (Charts for Kubernetes). Prior to 3.18.5, parsing Chart.yaml and index.yaml could panic due to improper type validation. Helm 3.18.5 fixes the issue; a workaround is to ensure YAML files are formatted as Helm expects before processing. The IBM/Converged IBM bulletins l...
CVE-2025-55198 Helm May Panic Due To Incorrect YAML Content
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, when parsing Chart.yaml and index.yaml files, an improper validation of type error can lead to a panic. This issue has been resolved in Helm 3.18.5. A workaround involves ensuring YAML files are formatted as Helm expect...
CVE-2025-55199
CVE-2025-55199 (Helm): Prior to 3.18.5, a crafted JSON Schema file may cause Helm to consume all memory and terminate with an OOM. The issue is resolved in Helm 3.18.5. A workaround is to ensure loaded charts do not reference /dev/zero via $ref. Remediation: upgrade to Helm 3.18.5 or later...