GHSA-4fc7-hc63-7fjg, CVE-2021-36778
go/github.com/rancher/rancher
Exposure of repository credentials to external third-party sources in Rancher
A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. This issue affects: SUSE Rancher Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3.
All versions starting from 2.5.0 before 2.5.12, all versions starting from 2.6.0 before 2.6.3
Upgrade to versions 2.6.3 or above.
2022-05-03
source |