CVE-2025-32386 — MEDIUM (6.5)

Vulnerability Description

Helm is a tool for managing Charts. A chart archive file can be crafted in a manner where it expands to be significantly larger uncompressed than compressed (e.g., >800x difference). When Helm loads this specially crafted chart, memory can be exhausted causing the application to terminate. This issue has been resolved in Helm v3.17.3.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Helm	Helm	< 3.17.3

Related Weaknesses (CWE)

CWE-770 CWE-789

References

https://github.com/helm/helm/commit/d8ca55fc669645c10c0681d49723f4bb8c0b1ce7Patch
https://github.com/helm/helm/security/advisories/GHSA-4hfp-h4cw-hj8pThird Party Advisory

FAQ

What is CVE-2025-32386?

CVE-2025-32386 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Helm is a tool for managing Charts. A chart archive file can be crafted in a manner where it expands to be significantly larger uncompressed than compressed (e.g., >800x difference). When Helm loads t...

How severe is CVE-2025-32386?

CVE-2025-32386 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-32386?

Check the references section above for vendor advisories and patch information. Affected products include: Helm Helm.