VYPR
High severity8.4GHSA Advisory· Published May 2, 2024· Updated Apr 15, 2026

CVE-2024-33396

CVE-2024-33396

Description

An issue in karmada-io karmada v1.9.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/karmada-io/karmadaGo
<= 1.9.0

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.