Vulnerability Report: GO-2024-3277
- CVE-2024-0793, GHSA-h7wq-jj8r-qm7p
- Affects: k8s.io/kubernetes
- Published: Nov 19, 2024
- Modified: Aug 05, 2025
Kubernetes Nil pointer dereference in KCM after v1 HPA patch request in k8s.io/kubernetes
For detailed information about this vulnerability, visit https://github.com/advisories/GHSA-h7wq-jj8r-qm7p.
Affected Modules
-
PathGo Versions
-
before v1.27.0-alpha.1
Aliases
References
- https://github.com/advisories/GHSA-h7wq-jj8r-qm7p
- https://access.redhat.com/errata/RHSA-2024:0741
- https://access.redhat.com/errata/RHSA-2024:1267
- https://access.redhat.com/security/cve/CVE-2024-0793
- https://bugzilla.redhat.com/show_bug.cgi?id=2214402
- https://github.com/kubernetes/kubernetes/issues/107038#issuecomment-1911327145
- https://github.com/openshift/kubernetes/pull/1876
- https://vuln.go.dev/ID/GO-2024-3277.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.