CVE-2024-12401 in cert-managerinfo

Summary

by MITRE • 12/12/2024

A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service (DoS) vector for the cert-manager in the cluster.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

12/10/2024

Disclosure

12/12/2024

Moderation

accepted

CPE

ready

EPSS

0.00645

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!