AZL-60172

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-60172.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-60172

Upstream

CVE-2025-32387

Published

2025-04-09T23:15:37Z

Modified

2026-04-21T04:37:22.439705Z

Summary

CVE-2025-32387 affecting package cert-manager 1.11.2-27

Details

Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-32387

Affected packages

Azure Linux:2 / cert-manager

Package

Name: cert-manager
Purl: pkg:rpm/azure-linux/cert-manager

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

1.11.2-27

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-60172.json"