baremetal-operator — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in baremetal-operator, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-29781	Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD CWE-200	6.5	Medium	2025-03-17
CVE-2024-43803	BMO can expose particularly named secrets from other namespaces via BMH CRD CWE-200	4.9	Medium	2024-09-03
CVE-2023-30841	Ironic and ironic-inspector deployed within Baremetal Operator may expose as ConfigMaps CWE-200	6.0	Medium	2023-04-26

All 3 known CVE vulnerabilities affecting baremetal-operator with full Chinese analysis, references, and POCs where available.