VYPR

Go modules package

github.com/rancher/local-path-provisioner

pkg:golang/github.com/rancher/local-path-provisioner

Vulnerabilities (2)

  • CVE-2026-44543HigMay 28, 2026
    affected < 0.0.36fixed 0.0.36

    Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used

  • CVE-2025-62878CriFeb 25, 2026
    affected < 0.0.34fixed 0.0.34

    A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the host node, potentially overwriting sensitive files or gaining access to unintended directories.