Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow

GHSA-5xqw-8hwv-wg92 · BIT-helm-2025-32387 · CVE-2025-32387 · GO-2025-3602

Published Apr 10, 2025 · Modified Feb 4, 2026

Description

A Helm contributor discovered that a specially crafted JSON Schema within a chart can lead to a stack overflow.

Impact

A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow.

Patches

This issue has been resolved in Helm v3.17.3.

Workarounds

Ensure that the JSON Schema within any charts loaded by Helm does not have a large number of nested references. These JSON Schema files are larger than 10 MiB.

For more information

Helm's security policy is spelled out in detail in our SECURITY document.

Credits

Disclosed by Jakub Ciolek at AlphaSense.

References

WEB https://github.com/helm/helm/security/advisories/GHSA-5xqw-8hwv-wg92
ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-32387
WEB https://github.com/helm/helm/commit/d8ca55fc669645c10c0681d49723f4bb8c0b1ce7
PACKAGE https://github.com/helm/helm

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes