Stack-based Buffer Overflow in github.com/helm/helm

CVE-2025-32387

github.com/helm/helm
github.com/helm/helm/v3
helm/helm
helm.sh/helm
helm.sh/helm/v3
helm.sh/helm/v3/v3
k8s.io/helm
k8s.io/Helm
k8s.io/helm/v3

Medium

6.5/10

Summary

Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a Stack Overflow. This issue affects helm.sh/helm/v3 package versions prior to 3.17.3. This has the same fix as CVE-2025-32386.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-121 - Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

References

Advisory Timeline

Published Apr 09, 2025

Stack-based Buffer Overflow in github.com/helm/helm

CVE-2025-32387

Summary

CWE-121 - Stack-based Buffer Overflow

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS