High severity7.7NVD Advisory· Published Nov 17, 2024· Updated Apr 15, 2026
CVE-2024-0793
CVE-2024-0793
Description
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
k8s.io/kubernetesGo | < 1.27.0-alpha.1 | 1.27.0-alpha.1 |
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- github.com/advisories/GHSA-h7wq-jj8r-qm7pghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-0793ghsaADVISORY
- access.redhat.com/errata/RHSA-2024:0741nvdWEB
- access.redhat.com/errata/RHSA-2024:1267nvdWEB
- access.redhat.com/security/cve/CVE-2024-0793nvdWEB
- bugzilla.redhat.com/show_bug.cginvdWEB
- github.com/kubernetes/kubernetes/issues/107038ghsaWEB
- github.com/openshift/kubernetes/pull/1876nvdWEB
- pkg.go.dev/vuln/GO-2024-3277ghsaWEB
News mentions
0No linked articles in our index yet.