SUSE CVE-2025-32387

🗓️ 11 Apr 2025 09:21:12Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 1 Views

Helm vulnerability CVE-2025-32387 causes stack overflow via nested JSON Schema references in a chart; fixed in Helm 3.17.3.

Reporter	Title	Published	Views	Family All 79
IBM Security Bulletins	Security Bulletin: There are multiple vulnerabilities that can affect IBM Fusion	11 Sep 202518:18	–	ibm
IBM Security Bulletins	Security Bulletin: Due to the use of helm, IBM Kubecost Self Hosted is affected by stack overflow and memory exhaustion	6 Nov 202514:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Data is vulnerable to helm ( CVE-2025-32386, CVE-2025-32387 )	30 Sep 202513:14	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image	20 May 202514:32	–	ibm
AlpineLinux	CVE-2025-32387	9 Apr 202523:15	–	alpinelinux
Tenable Nessus	Azure Linux 3.0 Security Update: helm (CVE-2025-32387)	11 Jul 202500:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: cert-manager / helm (CVE-2025-32387)	11 Jul 202500:00	–	nessus
Tenable Nessus	SUSE SLES15 / openSUSE 15 Security Update : helm-mirror (SUSE-SU-2025:01830-1)	7 Jun 202500:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : helm-mirror (SUSE-SU-2025:01830-2)	9 Jul 202500:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2025-32387	2 Sep 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
OpenSUSE Tumbleweed	–	any	govulncheck-vulndb	0.0.20250410T162706-1.1	govulncheck-vulndb-0.0.20250410T162706-1.1.noarch.rpm
SUSE Linux Enterprise Server	16.0	any	govulncheck-vulndb	0.0.20250814T182633-160000.1.2	govulncheck-vulndb-0.0.20250814T182633-160000.1.2.noarch.rpm
OpenSUSE Leap	15.6	any	helm-mirror	0.3.1-150000.1.18.2	helm-mirror-0.3.1-150000.1.18.2.noarch.rpm
SUSE Linux Enterprise Server	15.4	any	helm-mirror	0.3.1-150000.1.18.2	helm-mirror-0.3.1-150000.1.18.2.noarch.rpm
SUSE Linux Enterprise Server	15.6	any	helm-mirror	0.3.1-150000.1.18.2	helm-mirror-0.3.1-150000.1.18.2.noarch.rpm
SUSE Linux Enterprise Server	15.7	any	helm-mirror	0.3.1-150000.1.18.2	helm-mirror-0.3.1-150000.1.18.2.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15.6	any	helm-mirror	0.3.1-150000.1.18.2	helm-mirror-0.3.1-150000.1.18.2.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15.7	any	helm-mirror	0.3.1-150000.1.18.2	helm-mirror-0.3.1-150000.1.18.2.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2025-32387
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1241032
lists	www.lists.suse.com/pipermail/sle-updates/2025-June/040175.html
lists	www.lists.suse.com/pipermail/sle-updates/2025-July/040633.html
lists	www.lists.opensuse.org/archives/list/[email protected]/thread/E43FPQVMRXXDJFNVP6BBWLBUQXMXBJ3W/

20 May 2026 02:57Current

7High risk

Vulners AI Score7

CVSS 3.16.5

EPSS0.00383

helm json schema nested references stack overflow parser recursion cve 2025 32387 helm 3.17.3