CVE-2024-43403: Withdrawn Advisory: Kanister vulnerable to cluster-level privilege escalation
(updated )
This advisory affects the Kanister helm charts and not the go package
References
- github.com/advisories/GHSA-h27c-6xm3-mcqp
- github.com/kanisterio/kanister
- github.com/kanisterio/kanister/blob/master/helm/kanister-operator/templates/rbac.yaml
- github.com/kanisterio/kanister/security/advisories/GHSA-h27c-6xm3-mcqp
- github.com/kanisterio/kanister/wiki/2023%E2%80%9024-Community-Meeting-Notes
- nvd.nist.gov/vuln/detail/CVE-2024-43403
Detect and mitigate CVE-2024-43403 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →