CVE-2020-3996 · Vexday

CVE-2020-3996

EPSS 0.3%

Velero (prior to 1.4.3 and 1.5.2) in some instances doesn’t properly manage volume identifiers which may result in information leakage to unauthorized users.

Affected products

n/a · Velero

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/vmware-tanzu/velero/security/advisories/GHSA-72xg-3mcq-52v4