SecBoard
Zurück zur CVE-Übersicht

CVE-2026-44937

NONE
Risk Signal Score10/100 — NIEDRIG
  • Weniger als 24 Stunden alt

Beschreibung

Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.5 could be used by remote attackers to cause a denial of service or a downgrade attack on other repositories on the system.

GitHub Advisories

GHSA-jmf4-m7j9-g72rHIGH

Rancher Fleet has Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components

go/github.com/rancher/fleet0.15.2
GitHub Advisory

Referenzen