High severity 8.2 · GHSA Advisory · Published Sep 2, 2025 · Updated Apr 15, 2026

CVE-2024-58259

Description

A vulnerability has been identified in Rancher Manager: it did not enforce request body size limits on certain public (unauthenticated) and authenticated API endpoints. A malicious user can exploit this by sending excessively large payloads, which are fully loaded into memory during processing, leading to Denial of Service (DoS).

Affected packages

Versions sourced from the GitHub Security Advisory.

| Package | Affected versions | Patched versions |
| --- | --- | --- |
| github.com/rancher/rancher (Go) | >= 2.12.0, < 2.12.1 | 2.12.1 |
| github.com/rancher/rancher (Go) | >= 2.11.0, < 2.11.5 | 2.11.5 |
| github.com/rancher/rancher (Go) | >= 2.10.0, < 2.10.9 | 2.10.9 |
| github.com/rancher/rancher (Go) | >= 2.9.0, < 2.9.11 | 2.9.11 |
| github.com/rancher/rancher (Go) | < 0.0.0-20250813072957-aee95d4e2a41 | 0.0.0-20250813072957-aee95d4e2a41 |
