CVE-2019-14436
Summary: The connected Veracode record indicates a privilege escalation vulnerability in github.com/rancher/rancher caused by improperly enforced API group rules. A project owner with permissions to edit role bindings can allocate a cluster-level role to themselves or others, effectively granting...