{"vulnerability": "CVE-2024-2513", "sightings": [{"uuid": "57158981-59fe-423f-bb91-b777e7f57418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25131", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldo62oxcw22r", "content": "", "creation_timestamp": "2024-12-19T15:15:50.413064Z"}, {"uuid": "36868208-569f-4aa2-82f4-3b5d9c143979", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25131", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113679923344883938", "content": "", "creation_timestamp": "2024-12-19T14:19:31.427778Z"}, {"uuid": "e158a486-7a90-4ec5-aa4a-746df9bfafff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25133", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113747904621900088", "content": "", "creation_timestamp": "2024-12-31T14:28:03.480372Z"}, {"uuid": "d41e64b2-575a-4d53-beaa-9e4108f69194", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25133", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lemdngv5ve25", "content": "", "creation_timestamp": "2024-12-31T15:15:47.057979Z"}, {"uuid": "b9bd1c5c-1779-44d6-959e-069479c37d7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25133", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lep7dawqm42e", "content": "", "creation_timestamp": "2025-01-01T18:36:23.042420Z"}, {"uuid": "9167ae56-4303-4655-a91c-bd4bf42cf7c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25131", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:32.000000Z"}, {"uuid": "c1f4aaa1-53e6-4b85-a01e-c6d2354a9ff0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25131", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:02.000000Z"}, {"uuid": "c53f2fe9-a122-4209-9f59-6f28d8c5effa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25132", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8111", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25132\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive timespan for the spec.hibernateAfter value. If a ClusterSync.hiveinternal.openshift.io/v1alpha1 resource is also created, the hive hibernation controller will enter the reconciliation loop leading to a panic when accessing a non-existing field in the ClusterDeployment\u2019s status section, resulting in a denial of service.\n\ud83d\udccf Published: 2025-03-19T17:57:14.659Z\n\ud83d\udccf Modified: 2025-03-19T17:57:14.659Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-25132\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2260371", "creation_timestamp": "2025-03-19T18:19:31.000000Z"}, {"uuid": "46d7eeb0-b07c-4823-b78a-8630e6a8ff31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25132", "type": "seen", "source": "https://t.me/cvedetector/20662", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25132 - OpenShift Dedicated Hive Hibernation Controller Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-25132 \nPublished : March 19, 2025, 6:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive timespan for the spec.hibernateAfter value. If a ClusterSync.hiveinternal.openshift.io/v1alpha1 resource is also created, the hive hibernation controller will enter the reconciliation loop leading to a panic when accessing a non-existing field in the ClusterDeployment\u2019s status section, resulting in a denial of service. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T20:29:49.000000Z"}, {"uuid": "37a9fc7a-263d-4cc8-ba6f-7b794b3f7507", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25131", "type": "seen", "source": "https://t.me/cvedetector/13334", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25131 - OpenShift Dedicated MustGather Custom Defined Resource Privilege Escalation Persistence Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-25131 \nPublished : Dec. 19, 2024, 3:15 p.m. | 43\u00a0minutes ago \nDescription : A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard developer user to escalate their privileges to a cluster administrator and pivot to the AWS environment. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T17:19:37.000000Z"}, {"uuid": "5b6c4f6b-4737-427e-b10a-56b9ea89a083", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25133", "type": "seen", "source": "https://t.me/cvedetector/14037", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25133 - OpenShift Dedicated Hive ClusterDeployments Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-25133 \nPublished : Dec. 31, 2024, 3:15 p.m. | 40\u00a0minutes ago \nDescription : A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-31T17:03:37.000000Z"}, {"uuid": "17b39658-e58e-44ff-a27a-9100be6e06e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25130", "type": "seen", "source": "Telegram/fZ5sjqAWXWkXTJC_HYes_Y5C9nfL1tnr0fwOrXKMXwr8NRuZ", "content": "", "creation_timestamp": "2025-02-06T02:44:21.000000Z"}, {"uuid": "f88a124a-169d-4d26-8501-9a84f777b772", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25139", "type": "seen", "source": "https://t.me/ctinow/207963", "content": "https://ift.tt/BLqvRkg\nCVE-2024-25139", "creation_timestamp": "2024-03-14T17:31:52.000000Z"}, {"uuid": "28ece3a8-8540-43ec-8913-562973ea1f3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25139", "type": "seen", "source": "https://t.me/ctinow/207967", "content": "https://ift.tt/BLqvRkg\nCVE-2024-25139", "creation_timestamp": "2024-03-14T17:36:12.000000Z"}, {"uuid": "a5998735-1367-4c7e-8f36-9c47d541554c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25130", "type": "seen", "source": "https://t.me/ctinow/206765", "content": "https://ift.tt/GtdNrZ6\nCVE-2024-25130 | Enalean Tuleap Community Edition/Tuleap Enterprise Edition information disclosure", "creation_timestamp": "2024-03-13T15:17:09.000000Z"}, {"uuid": "e8bd53c4-b442-4394-8197-a7a9032f5f0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25130", "type": "seen", "source": "https://t.me/ctinow/191119", "content": "https://ift.tt/Tr0BEMl\nCVE-2024-25130", "creation_timestamp": "2024-02-22T20:26:31.000000Z"}, {"uuid": "eb83471d-e616-4e94-b4c2-031c6b6a5460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25130", "type": "seen", "source": "https://t.me/ctinow/191125", "content": "https://ift.tt/Tr0BEMl\nCVE-2024-25130", "creation_timestamp": "2024-02-22T20:26:40.000000Z"}]}