GO-2025-4125

See a problem?
Please try reporting it to the source first.

Source

https://pkg.go.dev/vuln/GO-2025-4125

Import Source

https://vuln.go.dev/ID/GO-2025-4125.json

JSON Data

https://api.osv.dev/v1/vulns/GO-2025-4125

Aliases

CVE-2025-2843
GHSA-mj6p-p843-x5wc

Published

2025-11-17T19:11:25Z

Modified

2025-11-17T19:58:35.439917Z

Summary

Observability Operator is vulnerable to Incorrect Privilege Assignment through its Custom Resource MonitorStack in github.com/rhobs/observability-operator

Details

Observability Operator is vulnerable to Incorrect Privilege Assignment through its Custom Resource MonitorStack in github.com/rhobs/observability-operator

Database specific

{
    "review_status": "UNREVIEWED",
    "url": "https://pkg.go.dev/vuln/GO-2025-4125"
}

References

Affected packages

Go / github.com/rhobs/observability-operator

Package

Name: github.com/rhobs/observability-operator; View open source insights on deps.dev
Purl: pkg:golang/github.com/rhobs/observability-operator

Affected ranges

Type: SEMVER
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.0

Database specific

source

"https://vuln.go.dev/ID/GO-2025-4125.json"