VYPR
High severityNVD Advisory· Published May 2, 2022· Updated Sep 17, 2024

Exposure of repository credentials to external third-party sources

CVE-2021-36778

Description

A Incorrect Authorization vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. This issue affects: SUSE Rancher Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/rancher/rancherGo
>= 2.6.0, < 2.6.32.6.3
github.com/rancher/rancherGo
>= 2.5.0, < 2.5.122.5.12

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.