{"id":"AZL-60172","summary":"CVE-2025-32387 affecting package cert-manager 1.11.2-27","details":"Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3.","modified":"2026-04-21T04:37:22.439705Z","published":"2025-04-09T23:15:37Z","upstream":["CVE-2025-32387"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32387"}],"affected":[{"package":{"name":"cert-manager","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/cert-manager"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"1.11.2-27"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-60172.json"}}],"schema_version":"1.7.5"}