2 matches found
GO-2026-5874 Rancher Fleet has Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components in github.com/rancher/fleet
Rancher Fleet has Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components in github.com/rancher/fleet...
Rancher Fleet has Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components
Impact A vulnerability has been identified in Fleet when the webhook endpoint is configured without a secret; an attacker can forge webhook requests. The attacker doesn't need to know the specific repository or path configured in the GitRepo resource to make Fleet process these requests. An...