Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | cert-manager/cert-manager | 0, 1.13.0-alpha.0, 1.16.0-alpha.0 |
| Go | github.com/cert-manager/cert-manager | 1.13.0-alpha.0, 0, 1.16.0-alpha.0 |
| github.com | cert-manager/cert-manager | 0, 1.13.0-alpha.0, 1.16.0-alpha.0 |
Timeline
- Nov 20, 2024 CVE Published
- Oct 31, 2025 CVE Updated
- Mar 2, 2026 Security Advisory
References
- https://github.com/cert-manager/cert-manager/security/advisories/GHSA-r4pg-vg54-wxx4 url
- https://github.com/cert-manager/cert-manager product
- https://go.dev/issue/50116 url
- https://pkg.go.dev/vuln/GO-2024-3282 url
- GitHub Advisory GHSA-r4pg-vg54-wxx4 vendor-advisory
- https://github.com/golang/go/issues/50116 url
- https://github.com/cert-manager/cert-manager/pull/7400 url
- https://github.com/cert-manager/cert-manager/pull/7401 url
- https://github.com/cert-manager/cert-manager/pull/7402 url
- https://github.com/cert-manager/cert-manager/pull/7403 url
- https://nvd.nist.gov/vuln/detail/CVE-2024-12401 vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-12401 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2327929 url
- GitHub Advisory GHSA-ghw8-3xqw-hhcj vendor-advisory