VYPR
High severity7.7GHSA Advisory· Published Sep 2, 2025· Updated Apr 15, 2026

CVE-2024-52284

CVE-2024-52284

Description

Unauthorized disclosure of sensitive data: Any user with GET or LIST permissions on BundleDeployment resources could retrieve Helm values containing credentials or other secrets.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/rancher/fleetGo
>= 0.13.0, < 0.13.1-0.20250806151509-088bcbea7edb0.13.1-0.20250806151509-088bcbea7edb
github.com/rancher/fleetGo
>= 0.12.0, < 0.12.60.12.6
github.com/rancher/fleetGo
>= 0.11.0, < 0.11.100.11.10

Affected products

5

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.