Upstream information
Description
Unauthorized disclosure of sensitive data: Any user with `GET` or `LIST` permissions on `BundleDeployment` resources could retrieve Helm values containing credentials or other secrets.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
SUSE Bugzilla entry: 1246842 [NEW] No SUSE Security Announcements cross referenced.List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
openSUSE Tumbleweed |
| Patchnames: openSUSE-Tumbleweed-2025-15538 |
SUSE Timeline for this CVE
CVE page created: Mon Jul 21 18:46:51 2025CVE page last modified: Thu Sep 11 01:18:45 2025