8 matches found
CVE-2024-12401 vulnerabilities
Vulnerabilities for packages: cert-manager-cmctl, step-issuer, cert-manager-webhook-pdns, aws-privateca-issuer, cert-manager-istio-csr, cert-exporter...
CVE-2024-12401 affecting package cert-manager for versions less than 1.12.15-1
CVE-2024-12401 affecting package cert-manager for versions less than 1.12.15-1. An upgraded version of the package is available that resolves this issue...
CBL Mariner 2.0 Security Update: cert-manager (CVE-2024-12401)
The version of cert-manager installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12401 advisory. - A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data tha...
CVE-2024-12401 affecting package cert-manager for versions less than 1.11.2-18
CVE-2024-12401 affecting package cert-manager for versions less than 1.11.2-18. A patched version of the package is available...
CVE-2024-12401
A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service DoS vector for the cert-manag...
CVE-2024-12401
creationtimestamp| type| source ---|---|--- 2024-12-12 09:08:18+00:00| seen| https://infosec.exchange/users/cve/statuses/113639063448885845 2024-12-12 11:20:16+00:00| seen| https://t.me/cvedetector/12760 2025-03-15 06:46:43+00:00| published-proof-of-concept|...
CVE-2024-12401 Cert-manager: potential dos when parsing specially crafted pem inputs
A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service DoS vector for the cert-manag...
CVE-2024-12401 Cert-manager: potential dos when parsing specially crafted pem inputs
A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service DoS vector for the cert-manag...