10 matches found
CVE-2024-6484 vulnerabilities
Vulnerabilities for packages: jupyter-base-notebook, rancher-api-ui...
GHSA-9MVJ-F7W8-PVH2 vulnerabilities
Vulnerabilities for packages: rancher-api-ui, jupyter-base-notebook...
CVE-2024-6484 vulnerabilities
Vulnerabilities for packages: rancher-api-ui, jupyter-base-notebook...
CVE-2025-1647 vulnerabilities
Vulnerabilities for packages: rancher-api-ui...
GHSA-Q58R-HWC8-RM9J vulnerabilities
Vulnerabilities for packages: rancher-api-ui...
CVE-2025-1647 vulnerabilities
Vulnerabilities for packages: rancher-api-ui...
Stack Overflow
github.com/rancher/rancher is vulnerable to Stack Overflow. The vulnerability is due to improper input handling in Rancher’s /v3-public/authproviders API endpoint, which allows a malicious user to trigger a stack overflow, leading to a crash and denial of service DoS...
GHSA-XR9Q-H9C7-XW8Q Rancher allows an unauthenticated stack overflow in /v3-public/authproviders API
Impact An unauthenticated stack overflow crash, leading to a denial of service DoS, was identified in Rancher’s /v3-public/authproviders public API endpoint. A malicious user could submit data to the API which would cause the Rancher server to crash, but no malicious or incorrect data would...
Rancher API Server Cross-site Scripting Vulnerability
Impact A vulnerability has been identified in which unauthenticated cross-site scripting XSS in the API Server's public API endpoint can be exploited. This can lead to an attacker exploiting the vulnerability to trigger JavaScript code and execute commands remotely. The attack vector was identifi...
Rancher Server - Docker Daemon Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rancher Server - Docker Exploit', 'Description' = %q Utilizing Rancher Server, an attacker can create a docker container with the '/' path mounte...