Go modules package
github.com/piraeusdatastore/piraeus-operator/v2
pkg:golang/github.com/piraeusdatastore/piraeus-operator/v2
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-33398 | Hig | 7.5 | <= 2.5.0 | — | May 3, 2024 | There is a ClusterRole in piraeus-operator v2.5.0 and earlier which has been granted list secrets permission, which allows an attacker to impersonate the service account bound to this ClusterRole and use its high-risk privileges to list confidential information across the cluster |
- affected <= 2.5.0
There is a ClusterRole in piraeus-operator v2.5.0 and earlier which has been granted list secrets permission, which allows an attacker to impersonate the service account bound to this ClusterRole and use its high-risk privileges to list confidential information across the cluster