Withdrawn Advisory: Cluster Monitoring Operator contains a credentials leak
Withdrawn Advisory This advisory has been withdrawn because the vulnerability does not affect a package in the Go registry. For more information, see the discussion here. This link is maintained to preserve external references. Original Description A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository …