CVE-2024-52280

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-52280

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-52280.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-52280

Aliases

Downstream

openSUSE-SU-2024:14519-1

Related

Published

2025-04-11T12:15:14.433Z

Modified

2026-03-12T13:42:06.693384Z

Severity

7.7 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher which allows users to watch resources they are not allowed to access, when they have at least some generic permissions on the type. This issue affects rancher: before 2175e09, before 6e30359, before c744f0b.

References

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-52280.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "2175e09"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "6e30359"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "c744f0b"
            }
        ]
    }
]