
154 matches found

F5 Networks
added 3 days ago, 8 views

K000161495: Rancher Local Path Provisioner vulnerability CVE-2025-62878

Security Advisory Description A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the host node, potentially overwriting sensitive files or gaining access to unintended directories. CVE-2025-62878 Impact There is no impact; F5 products...

CVSS 9.9, AI score 5.9, EPSS 0.0003
Exploits: 1

RedhatCVE
added 5 days ago, 6 views

CVE-2026-44543

Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by...

CVSS 8.7, AI score 5.8, EPSS 0.00034
Exploits: 0, References: 1

NVD
added last week, 7 views

CVE-2026-44543

Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by...

CVSS 8.7, EPSS 0.00034
Exploits: 0, References: 1

ATTACKERKB
added last week, 2 views

CVE-2026-44543

Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by...

CVSS 8.7, AI score 5.8, EPSS 0.00034
Exploits: 0, References: 2, Affected Software: 1

EUVD
added last week, 5 views

EUVD-2026-32954

Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by...

CVSS 8.7, AI score 5.8, EPSS 0.00034
Exploits: 0, References: 1

CVE
added last week, 10 views

CVE-2026-44543

Local Path Provisioner (rancher/local-path-provisioner) is affected. Before version 0.0.36, a user with edit rights on the local-path-config ConfigMap can inject a malicious helperPod.yaml into the template used to create HelperPods during PVC provisioning/cleanup. The attacker-controlled templat...

CVSS 8.7, AI score 5.8, EPSS 0.00034
Exploits: 0, References: 1

Vulnrichment
added last week, 3 views

CVE-2026-44543 Local Path Provisioner: HelperPod Template Injection

Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by...

CVSS 8.7, AI score 5.8, EPSS 0.00034
Exploits: 0, References: 1

Cvelist
added last week, 25 views

CVE-2026-44543 Local Path Provisioner: HelperPod Template Injection

Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by...

CVSS 8.7, EPSS 0.00034
Exploits: 0, References: 1

CNNVD
added 2026/05/28 12:0 a.m., 4 views

Local Path Provisioner security vulnerability

Local Path Provisioner is a Kubernetes local storage dynamic provisioning tool developed by Rancher. Versions of Local Path Provisioner prior to 0.0.36 contained security vulnerabilities. These vulnerabilities stemmed from insufficient validation of the helperPod.yaml template. Malicious users...

CVSS 8.7, AI score 5.8, EPSS 0.00034
Exploits: 0, References: 2

OSV
added 2026/05/11 4:15 p.m., 1 view

GHSA-7FXV-8WR2-MFC4 Local Path Provisioner Vulnerable to HelperPod Template Injection

Impact A malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by rancher/local-path-provisioner. The helperPod.yaml template is loaded by the provisioner and used to create HelperPods during PVC...

CVSS 8.7, AI score 6, EPSS 0.00034
Exploits: 0, References: 2

Github Security Blog
added 2026/05/11 4:15 p.m., 5 views

Local Path Provisioner Vulnerable to HelperPod Template Injection

Impact A malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by rancher/local-path-provisioner. The helperPod.yaml template is loaded by the provisioner and used to create HelperPods during PVC...

CVSS 8.7, AI score 6, EPSS 0.00034
Exploits: 0, References: 2, Affected Software: 1

Positive Technologies
added 2026/05/11 12:0 a.m., 3 views

PT-2026-39897

Name of the Vulnerable Software and Affected Versions local-path-provisioner versions prior to 0.0.36 Description A malicious user with permissions to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template. This template is used to crea...

CVSS 8.7, AI score 5.8, EPSS 0.00034
Exploits: 0, References: 4

Wolfi
added 2026/05/09 2:21 a.m., 10 views

CVE-2026-33814 vulnerabilities

Vulnerabilities for packages: cloudflared, step-ca, libnvidia-container, falcosidekick, cloud-provider-gcp-cloud-controller-manager, crossplane-provider-aws-cloudwatchlogs, crossplane-provider-aws-memorydb, kots, prometheus-adapter, xeol, k8sgateway, slsa-verifier, helm-mapkubeapis,...

CVSS 7.5, AI score 5.8, EPSS 0.00018
Exploits: 0

Chainguard
added 2026/05/09 1:17 a.m., 11 views

CVE-2026-33814 vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws-bedrockagent, rke2-runtime-fips, k8s-agents-operator, virt-operator-fips, openbao-fips, moby-ryuk, crossplane-provider-azure-search, gpu-operator, crossplane-provider-aws-dynamodb-fips, crossplane-provider-aws-route53resolver-fips, buildkitd,...

CVSS 7.5, AI score 5.8, EPSS 0.00018
Exploits: 0

Wolfi
added 2026/04/17 8:0 p.m., 3 views

GHSA-PC3F-X583-G7J2 vulnerabilities

Vulnerabilities for packages: kargo, vcluster, rancher-agent, jitsucom-bulker, trivy-operator, emissary, velero, cloudnative-pg, percona-server-mongodb-operator, verticadb-operator, zarf, cilium-cli, istio, infinispan-operator, postgres-operator, trivy, dynamic-localpv-provisioner, skaffold, kots...

AI score 5.8
Exploits: 0

Wolfi
added 2026/04/11 2:51 a.m., 6 views

GHSA-FV83-X2XW-2J55 vulnerabilities

Vulnerabilities for packages: rabbitmq-messaging-topology-operator, sftpgo-plugin-eventsearch, aws-privateca-issuer, flux, volume-modifier-for-k8s, github-mcp-server, grafana-rollout-operator, flux-image-automation-controller, stakater-reloader, secrets-store-csi-driver-provider-aws,...

AI score 5.8
Exploits: 0

Wolfi
added 2026/04/11 2:51 a.m., 6 views

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: step-ca, libnvidia-container, sbom-convert, kots, prometheus-adapter, xeol, slsa-verifier, mockery, helm-mapkubeapis, terraform-provider-azuread, gh, envoy-gateway, secrets-store-csi-driver, falco-no-driver, kubernetes-csi-driver-hostpath, go-licenses, eksctl,...

CVSS 7.5, AI score 7.1, EPSS 0.00022
Exploits: 0

OSV
added 2026/04/01 9:46 a.m., 7 views

CLEANSTART-2026-UM45661 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142, ghsa-6v2p-p543-phr9, ghsa-f6x5-jh6r-wrfv, ghsa-hcg3-q754-cr77, ghsa-j5w8-q4qc-rx2x, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw applied in versions: 4.4.0-r0, 4.4.0-r1, 4.4.0-r2, 4.4.0-r3

Multiple security vulnerabilities affect the dynamic-localpv-provisioner package. These issues are resolved in later releases. See references for individual vulnerability details...

CVSS 10, AI score 7, EPSS 0.00045
Exploits: 2, References: 27

Veracode
added 2026/03/24 1:16 p.m., 2 views

Improper Authorization

github.com/smallstep/certificates is vulnerable to Improper Authorization. The vulnerability is due to insufficient authorization checks in SSH certificate revocation with the SSHPOP provisioner, which allows an attacker to improperly revoke certificates...

CVSS 5, AI score 7.1, EPSS 0.00027
Exploits: 0, References: 2, Affected Software: 2

Cvelist
added 2026/02/25 10:49 a.m., 18 views

CVE-2025-62878 Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern

A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the host node, potentially overwriting sensitive files or gaining access to unintended directories...

CVSS 9.9, EPSS 0.0003
Exploits: 1, References: 2