
We found results for “”
CVE-2024-52284
Good to know:

Date: September 2, 2025
Unauthorized disclosure of sensitive data: Any user with "GET" or "LIST" permissions on "BundleDeployment" resources could retrieve Helm values containing credentials or other secrets.
Severity Score
Related Resources (7)
Severity Score
Weakness Type (CWE)
Cleartext Storage of Sensitive Information
CWE-312Top Fix

Upgrade Version
Upgrade to version github.com/rancher/fleet - v0.13.1;github.com/rancher/fleet - v0.12.6;github.com/rancher/fleet - v0.11.10;github.com/rancher/fleet - v0.13.1-0.20250806151509-088bcbea7edb
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | HIGH |