VDB
GO-2024-3277
GO-2024-3277
PUBLISHED
Kubernetes Nil pointer dereference in KCM after v1 HPA patch request in k8s.io/kubernetes
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| k8s.io | kubernetes | 0, 0 |
Timeline
- Nov 19, 2024 CVE Published
- Feb 4, 2026 CVE Updated
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
References
- https://github.com/advisories/GHSA-h7wq-jj8r-qm7p advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2214402 url
- https://access.redhat.com/errata/RHSA-2024:0741 advisory
- https://access.redhat.com/errata/RHSA-2024:1267 advisory
- https://access.redhat.com/security/cve/CVE-2024-0793 advisory
- https://github.com/kubernetes/kubernetes/issues/107038#issuecomment-1911327145 discussion
- https://github.com/openshift/kubernetes/pull/1876 fix