4 matches found
CVE-2026-54592
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj::Doc#each_child, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stack buffer and aborts the process, leading to DoS. In a two-step chain in...
CVE-2025-32386
Helm is a tool for managing Charts. A chart archive file can be crafted in a manner where it expands to be significantly larger uncompressed than compressed e.g., 800x difference. When Helm loads this specially crafted chart, memory can be exhausted causing the application to terminate. This issu...
CVE-2025-32386
CVE-2025-32386: Helm memory exhaustion via crafted chart archives. A chart archive can expand to more than 800x its compressed size, triggering memory exhaustion when loaded. Fixed in Helm v3.17.3. IBM/Kubecost and related records reference Helm usage and confirm the vulnerability details and mitigation path (upgrade He...
CVE-2025-32387 Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3...