CVE-2024-52284 Common Vulnerabilities and Exposures

Upstream information

CVE-2024-52284 at MITRE

Description

Unauthorized disclosure of sensitive data: Any user with `GET` or `LIST` permissions on `BundleDeployment` resources could retrieve Helm values containing credentials or other secrets.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having important severity.

SUSE Bugzilla entry: 1246842 [NEW]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE Tumbleweed	`govulncheck-vulndb >= 0.0.20250908T141310-1.1`	Patchnames: openSUSE-Tumbleweed-2025-15538

SUSE Timeline for this CVE

CVE page created: Mon Jul 21 18:46:51 2025
CVE page last modified: Thu Sep 11 01:18:45 2025