VYPR

Go modules package

github.com/karmada-io/karmada

pkg:golang/github.com/karmada-io/karmada

Vulnerabilities (3)

  • CVE-2024-56514MedJan 3, 2025
    affected < 1.12.0fixed 1.12.0

    Karmada is a Kubernetes management system that allows users to run cloud-native applications across multiple Kubernetes clusters and clouds. Prior to version 1.12.0, both in karmadactl and karmada-operator, it is possible to supply a filesystem path, or an HTTP(s) URL to retrieve

  • CVE-2024-56513HigJan 3, 2025
    affected < 1.12.0fixed 1.12.0

    Karmada is a Kubernetes management system that allows users to run cloud-native applications across multiple Kubernetes clusters and clouds. Prior to version 1.12.0, the PULL mode clusters registered with the `karmadactl register` command have excessive privileges to access contr

  • CVE-2024-33396HigMay 2, 2024
    affected <= 1.9.0

    An issue in karmada-io karmada v1.9.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component.