open-cluster-management.io/ocm

Go2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting open-cluster-management.io/ocmpage 1 of 1

CVE-2024-9779HIGHCVSS 7.5EG 7.5✓ Fixed in 0.13.0
2024-12-17
A flaw was found in Open Cluster Management (OCM) when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-man…
CVE-2026-4740HIGHCVSS 8.2EG 8.2✓ Fixed in 1.2.1
2026-04-07
A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluster Management (ACM). Improper validation of Kubernetes client certificate renewal allows a managed cluster administrator to forge a client c…

Check whether open-cluster-management.io/ocm is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for open-cluster-management.io/ocm CVEs against the assets you own.

Start Free Scan →