From a2cb23866d709e7f9fa0b12330ae4f2b212b60bd Mon Sep 17 00:00:00 2001
From: Stephen Kitt
Date: Tue, 21 Jan 2025 19:08:57 +0100
Subject: [PATCH] Improve GHSA-2rhx-qhxp-5jpw
---
 .../GHSA-2rhx-qhxp-5jpw.json | 25 ++++++++++++++++---
 1 file changed, 22 insertions(+), 3 deletions(-)
diff --git a/advisories/github-reviewed/2024/05/GHSA-2rhx-qhxp-5jpw/GHSA-2rhx-qhxp-5jpw.json b/advisories/github-reviewed/2024/05/GHSA-2rhx-qhxp-5jpw/GHSA-2rhx-qhxp-5jpw.json
index 93cc7ed02277c..970b0921cb92f 100644
--- a/advisories/github-reviewed/2024/05/GHSA-2rhx-qhxp-5jpw/GHSA-2rhx-qhxp-5jpw.json
+++ b/advisories/github-reviewed/2024/05/GHSA-2rhx-qhxp-5jpw/GHSA-2rhx-qhxp-5jpw.json
@@ -6,7 +6,7 @@
 "aliases": [
 "CVE-2024-5042"
 ],
- "summary": "Submariner Operator sets unnecessary RBAC permissions in helm charts",
+ "summary": "Submariner Operator sets unnecessary RBAC permissions",
 "details": "A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.",
 "severity": [
 {
@@ -25,7 +25,7 @@
 "type": "ECOSYSTEM",
 "events": [
 {
- "introduced": "0"
+ "introduced": "0.16.0"
 },
 {
 "fixed": "0.16.4"
@@ -47,7 +47,26 @@
 "introduced": "0.17.0"
 },
 {
- "last_affected": "0.18.0-m3"
+ "fixed": "0.17.2"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "package": {
+ "ecosystem": "Go",
+ "name": "github.com/submariner-io/submariner-operator"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "0.15.4"
 }
 ]
 }
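Review bot: Replacing `"last_affected": "0.18.0-m3"` with `"fixed": "0.17.2"` in the third hunk means the 0.18.0 milestone builds, which sort above 0.17.2, are no longer matched by any range, although the previous data listed them as affected. The second hunk has the same shape: moving the lower bound from `"0"` to `"0.16.0"` leaves any 0.16.0 pre-release tags uncovered between the new `0.15.4` fix and `0.16.0`, since semver orders pre-releases before the release. If those pre-releases carried the extra RBAC permissions, scanners consuming this advisory will stop flagging them. I would confirm against the release branches and, where they are affected, add a range for each pre-release line with its own `fixed` event rather than dropping it. The package object for the two existing ranges lies outside the hunks, so this assumes they describe the same Go module as the added entry.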