CVE-2024-52284

🗓️ 02 Sep 2025 11:49:49Reported by suseType

CVE-2024-52284 exposes Helm values in BundleDeployment as plain text, risking credential disclosure.

Reporter	Title	Published	Views	Family All 53
Circl	CVE-2024-52284	1 Sep 202506:11	–	circl
CNNVD	Rancher 安全漏洞	2 Sep 202500:00	–	cnnvd
Cvelist	CVE-2024-52284 Rancher Fleet Helm Values are stored inside BundleDeployment in plain text	2 Sep 202511:49	–	cvelist
EUVD	EUVD-2024-54941	3 Oct 202520:07	–	euvd
Github Security Blog	Rancher Fleet Helm Values are stored inside BundleDeployment in plain text	29 Aug 202520:31	–	github
NVD	CVE-2024-52284	2 Sep 202512:15	–	nvd
OSV	GHSA-6H9X-9J5V-7W9H Rancher Fleet Helm Values are stored inside BundleDeployment in plain text	29 Aug 202520:31	–	osv
OSV	GO-2025-3927 Rancher Fleet Helm Values are stored inside BundleDeployment in plain text in github.com/rancher/fleet	8 Sep 202514:13	–	osv
OSV	OPENSUSE-SU-2025:15538-1 govulncheck-vulndb-0.0.20250908T141310-1.1 on GA media	10 Sep 202500:00	–	osv
OSV	SUSE-SU-2025:03289-1 Security update for govulncheck-vulndb	22 Sep 202510:16	–	osv

[
  {
    "defaultStatus": "unaffected",
    "packageName": "github.com/rancher/fleet",
    "product": "Rancher",
    "vendor": "SUSE",
    "versions": [
      {
        "lessThan": "0.13.1-0.20250806151509-088bcbea7edb",
        "status": "affected",
        "version": "0.13.0",
        "versionType": "semver"
      },
      {
        "lessThan": "0.12.6",
        "status": "affected",
        "version": "0.12.0",
        "versionType": "semver"
      },
      {
        "lessThan": "0.11.10",
        "status": "affected",
        "version": "0.11.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
bugzilla	www.bugzilla.suse.com/show_bug.cgi
github	www.github.com/advisories/GHSA-6h9x-9j5v-7w9h

15 Apr 2026 00:35Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.17.7

EPSS0.00042

SSVC

CWE-312