Upstream information

CVE-2024-52284 at MITRE

Description

Unauthorized disclosure of sensitive data: Any user with `GET` or `LIST` permissions on `BundleDeployment` resources could retrieve Helm values containing credentials or other secrets.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having important severity.

SUSE Bugzilla entry: 1246842 [NEW]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
openSUSE Tumbleweed
  • govulncheck-vulndb >= 0.0.20250908T141310-1.1
Patchnames:
openSUSE-Tumbleweed-2025-15538


SUSE Timeline for this CVE

CVE page created: Mon Jul 21 18:46:51 2025
CVE page last modified: Thu Sep 11 01:18:45 2025