AZL-59979

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-59979.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-59979

Upstream

CVE-2025-32387

Published

2025-04-09T23:15:37Z

Modified

2026-04-21T04:37:21.653295Z

Summary

CVE-2025-32387 affecting package cert-manager for versions less than 1.12.15-4

Details

Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-32387

Affected packages

Azure Linux:3 / cert-manager

Package

Name: cert-manager
Purl: pkg:rpm/azure-linux/cert-manager

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.12.15-4

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-59979.json"