GO-2024-3109
- Source
- https://pkg.go.dev/vuln/GO-2024-3109
- Import Source
- https://vuln.go.dev/ID/GO-2024-3109.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GO-2024-3109
- Aliases
- Published
- 2024-12-20T20:36:43Z
- Modified
- 2024-12-20T21:11:53.702437Z
- Summary
- The Bare Metal Operator (BMO) can expose particularly named secrets from other namespaces via BMH CRD in github.com/metal3-io/baremetal-operator
- Details
-
The Bare Metal Operator (BMO) can expose particularly named secrets from other namespaces via BMH CRD in github.com/metal3-io/baremetal-operator
- Database specific
{ "review_status": "UNREVIEWED", "url": "https://pkg.go.dev/vuln/GO-2024-3109" }- References
-
- https://github.com/metal3-io/baremetal-operator/security/advisories/GHSA-pqfh-xh7w-7h3p
- https://nvd.nist.gov/vuln/detail/CVE-2024-43803
- https://github.com/metal3-io/baremetal-operator/commit/3af4882e9c5fadc1a7550f53daea21dccd271f74
- https://github.com/metal3-io/baremetal-operator/commit/bedae7b997d16f36e772806681569bb8eb4dadbb
- https://github.com/metal3-io/baremetal-operator/commit/c2b5a557641bc273367635124047d6c958aa15f7
- https://github.com/metal3-io/baremetal-operator/pull/1929
- https://github.com/metal3-io/baremetal-operator/pull/1930
- https://github.com/metal3-io/baremetal-operator/pull/1931
Affected packages
Go / github.com/metal3-io/baremetal-operator
Package
- Name
- github.com/metal3-io/baremetal-operator
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/metal3-io/baremetal-operator