VYPR

Go modules package

github.com/openshift/hive

pkg:golang/github.com/openshift/hive

Vulnerabilities (3)

  • CVE-2024-25132MedMar 19, 2025
    affected <= 1.1.16

    A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive timespan for the spec.hibernat

  • CVE-2025-2241HigMar 17, 2025
    affected <= 1.1.16

    A flaw was found in Hive, a component of Multicluster Engine (MCE) and Advanced Cluster Management (ACM). This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision ob

  • CVE-2024-25133HigDec 31, 2024
    affected <= 1.1.16

    A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod.