{"id":"GO-2025-3888","summary":"Helm May Panic Due To Incorrect YAML Content in helm.sh/helm","details":"Helm May Panic Due To Incorrect YAML Content in helm.sh/helm","aliases":["BIT-helm-2025-55198","CVE-2025-55198","GHSA-f9f8-9pmf-xv68"],"modified":"2026-03-17T04:53:37.187465Z","published":"2025-08-18T19:03:35Z","related":["CGA-gh4w-vw29-v29x"],"database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2025-3888"},"references":[{"type":"ADVISORY","url":"https://github.com/helm/helm/security/advisories/GHSA-f9f8-9pmf-xv68"},{"type":"FIX","url":"https://github.com/helm/helm/commit/ec5f59e2db56533d042a124f5bae54dd87b558e6"}],"affected":[{"package":{"name":"helm.sh/helm","ecosystem":"Go","purl":"pkg:golang/helm.sh/helm"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2025-3888.json"}},{"package":{"name":"helm.sh/helm/v3","ecosystem":"Go","purl":"pkg:golang/helm.sh/helm/v3"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"3.18.5"}]}],"ecosystem_specific":{"imports":[{"symbols":["processImportValues"],"path":"helm.sh/helm/v3/pkg/chartutil"},{"symbols":["validateChartMaintainer"],"path":"helm.sh/helm/v3/pkg/lint/rules"},{"symbols":["loadIndex"],"path":"helm.sh/helm/v3/pkg/repo"}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2025-3888.json"}}],"schema_version":"1.7.5"}