VYPR

Go modules package

github.com/metal3-io/baremetal-operator

pkg:golang/github.com/metal3-io/baremetal-operator

Vulnerabilities (2)

  • CVE-2024-43803MedSep 3, 2024
    affected >= 0.7.0-rc.0, < 0.8.0fixed 0.8.0

    The Bare Metal Operator (BMO) implements a Kubernetes API for managing bare metal hosts in Metal3. The `BareMetalHost` (BMH) CRD allows the `userData`, `metaData`, and `networkData` for the provisioned host to be specified as links to Kubernetes Secrets. There are fields for both

  • CVE-2023-30841Apr 26, 2023
    affected < 0.3.0fixed 0.3.0

    Baremetal Operator (BMO) is a bare metal host provisioning integration for Kubernetes. Prior to version 0.3.0, ironic and ironic-inspector deployed within Baremetal Operator using the included `deploy.sh` store their `.htpasswd` files as ConfigMaps instead of Secrets. This causes