VYPR
High severity7.6GHSA Advisory· Published Oct 2, 2025· Updated Apr 15, 2026

CVE-2024-58260

CVE-2024-58260

Description

A vulnerability has been identified within Rancher Manager where a missing server-side validation on the .username field in Rancher can allow users with update permissions on other User resources to cause denial of access for targeted accounts.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/rancher/rancherGo
>= 2.12.0, < 2.12.22.12.2
github.com/rancher/rancherGo
>= 2.11.0, < 2.11.62.11.6
github.com/rancher/rancherGo
>= 2.10.0, < 2.10.102.10.10
github.com/rancher/rancherGo
>= 2.9.0, < 2.9.122.9.12

Affected products

5

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.