16 matches found
Azure Linux 3.0 Security Update: helm (CVE-2025-32387)
The version of helm installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32387 advisory. - Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a...
CBL Mariner 2.0 Security Update: cert-manager / helm (CVE-2025-32387)
The version of cert-manager / helm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32387 advisory. - Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be...
CVE-2025-32387 affecting package cert-manager for versions less than 1.12.15-4
CVE-2025-32387 affecting package cert-manager for versions less than 1.12.15-4. A patched version of the package is available...
Security update for helm-mirror
This update for helm-mirror fixes the following issues: CVE-2025-32386: Fixed denial of service due to memory exhaustion after loading a specially crafter chart bsc1241028 CVE-2025-32387: Fixed stack overflow due to parser recursion that can exceed the stack size limit bsc1241031 Patch...
openSUSE Security Advisory (SUSE-SU-2025:01830-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:01830-1 Security update for helm-mirror
This update for helm-mirror fixes the following issues: - CVE-2025-32386: Fixed denial of service due to memory exhaustion after loading a specially crafter chart bsc1241028 - CVE-2025-32387: Fixed stack overflow due to parser recursion that can exceed the stack size limit bsc1241031...
govulncheck-vulndb-0.0.20250410T162706-1.1 on GA media (moderate)
govulncheck-vulndb-0.0.20250410T162706-1.1 on GA media Announcement ID: openSUSE-SU-2025:14995-1 Rating: moderate Cross-References: CVE-2025-32386 CVE-2025-32387 CVSS scores: CVE-2025-32386 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2025-32386 SUSE : 6.9...
CVE-2025-32387 vulnerabilities
Vulnerabilities for packages: eksctl, chartmuseum, cilium-cli, zot, consul-k8s, helm-push, tw, helm-docs, cert-manager-cmctl, pluto, cluster-api-helm-controller, flux-source-controller, k9s, flux-helm-controller, chart-testing, kubescape, trivy, rancher-helm, flux, zarf, k8ssandra-client, kots,...
CVE-2025-32387 vulnerabilities
Vulnerabilities for packages: flux-source-controller-fips, kubescape, chartmuseum-fips, cert-manager-cmctl-fips, harbor-fips, helm-operator, k8ssandra-client, cilium-cli, consul-k8s-fips, helm-push, flux-fips, flux-source-controller, cloudbeat-fips, trivy-fips, trivy, eksctl, chartmuseum,...
SUSE CVE-2025-32387
Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3...
CVE-2025-32387
Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3...
CVE-2025-32387
Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3...
CVE-2025-32387
creationtimestamp| type| source ---|---|--- 2025-04-09 22:48:53+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11180 2025-04-10 03:33:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmgkzhohpp2a 2025-04-10 03:39:13+00:00| seen|...
CVE-2025-32387
CVE-2025-32387 (Helm) involves a JSON Schema in a chart that can be crafted with deeply nested references, triggering recursive parsing and a stack overflow. Connected IBM bulletin corroborates the Helm issue and notes the fix in Helm v3.17.3; remediation is to upgrade to Helm v3.17.3 or later. T...
CVE-2025-32387 Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3...
CVE-2025-32387 Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3...