Lucene search
K

6 matches found

OSV
OSV
added 2026/07/01 8:57 p.m.4 views

GHSA-VX8H-4PRV-G744 Rancher has Privilege Escalation from Project Owner to Host

Impact A vulnerability has been identified in Rancher Manager that allows users assigned the Project Owner role to modify Pod Security Admission PSA labels on namespaces within their projects. Under the default role configuration, an attacker with the following access pattern can exploit this...

9.4CVSS5.8AI score0.00319EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/07/01 8:57 p.m.6 views

Rancher has Privilege Escalation from Project Owner to Host

Impact A vulnerability has been identified in Rancher Manager that allows users assigned the Project Owner role to modify Pod Security Admission PSA labels on namespaces within their projects. Under the default role configuration, an attacker with the following access pattern can exploit this...

9.4CVSS5.8AI score0.00319EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/30 2:21 p.m.12 views

CVE-2026-44947

CVE-2026-44947 describes a missing clean-up in the legacy Project Role Template Binding (PRTB) reconciler in Rancher, affecting versions 2.13.0–2.13.7 and 2.14.0–2.14.3. The issue allows users to retain unauthorized Pod Security Admission (PSA) permissions after an administrator removes those per...

6.9CVSS5.7AI score0.00229EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/07/31 12:0 a.m.8 views

Fedora: Security Advisory for golang-k8s-pod-security-admission (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2022/07/18 12:0 a.m.25 views

Fedora: Security Advisory for golang-k8s-pod-security-admission (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS9.1AI score0.05994EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/07/06 12:0 a.m.18 views

Fedora: Security Advisory for golang-k8s-pod-security-admission (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.05994EPSS
Exploits4References2
Rows per page
Query Builder