x/vulndb: potential Go vuln in github.com/kubewarden/kubewarden-controller: CVE-2025-24376

[GoVulnBot]

Advisory CVE-2025-24376 references a vulnerability in the following Go modules:

Module
github.com/kubewarden/kubewarden-controller

Description:
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluated are determined by the rules provided by the user when defining the policy. There might be Kubernetes namespaced resources that should not be validated by AdmissionPolicy and by the AdmissionPolicyGroup policies because of their sensitive nature. For example, PolicyReport are namespaced resources that contain the list of non compliant objects found inside o...

References:

• ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2025-24376
• FIX: kubewarden/kubewarden-controller@8124039
• WEB: GHSA-fc89-jghx-8pvg

No existing reports found with this module or alias.
See doc/quickstart.md for instructions on how to triage this report.

id: GO-ID-PENDING
modules:
    - module: github.com/kubewarden/kubewarden-controller
      vulnerable_at: 1.21.0
summary: CVE-2025-24376 in github.com/kubewarden/kubewarden-controller
cves:
    - CVE-2025-24376
references:
    - advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-24376
    - fix: https://github.com/kubewarden/kubewarden-controller/commit/8124039b5f0c955d0ee8c8ca12d4415282f02d2c
    - web: https://github.com/kubewarden/kubewarden-controller/security/advisories/GHSA-fc89-jghx-8pvg
source:
    id: CVE-2025-24376
    created: 2025-01-30T17:01:23.181336741Z
review_status: UNREVIEWED