Rancher Privilege escalation vulnerability via malicious “Connection” header

A vulnerability was discovered in Rancher 2.0.0 through the aforementioned patched versions, where a malicious Rancher user could craft an API request directed at the proxy for the Kubernetes API of a ...

Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources

A vulnerability was discovered in Rancher versions 2.0 through the aforementioned fixed versions, where users were granted access to resources regardless of the resource's API group. For example ...

pyLoad allows upload to an arbitrary folder, leading to RCE

Summary: An authenticated user can change the download folder and upload a crafted template to the specified folder, leading to remote code execution. Details: example version: 0.5; file: src/pyload/webui/app/ ...

Heketi Arbitrary Code Execution

A security-check flaw was found in the way the Heketi 5 server API handled user requests. An authenticated Heketi user could send specially crafted requests to the Heketi server, resulting in remote c ...

Information disclosure in podman

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are cre ...
