CVE-2024-56513
EPSS 0.15%Karmada PULL Mode Cluster Privilege Escalation in github.com/karmada-io/karmada
Published: 1/3/2025Modified: 3/3/2026
Description
Karmada PULL Mode Cluster Privilege Escalation in github.com/karmada-io/karmada
Affected packages (2)
- Go/github.com/karmada-io/karmadafrom 0, < 1.12.0
- Go/github.com/karmada-io/karmadafrom 0, < 1.12.0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
References (6)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-56513
- PATCHhttps://github.com/karmada-io/karmada
- WEBhttps://github.com/karmada-io/karmada/commit/2c82055c4c7f469411b1ba48c4dba4841df04831
- WEBhttps://github.com/karmada-io/karmada/pull/5793
- WEBhttps://github.com/karmada-io/karmada/security/advisories/GHSA-mg7w-c9x2-xh7r
- WEBhttps://karmada.io/docs/administrator/security/component-permission