Go modules package
github.com/rancher/rke
pkg:golang/github.com/rancher/rke
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-32191 | Cri | 9.9 | >= 1.4.18, < 1.4.19 | 1.4.19 | Oct 16, 2024 | When RKE provisions a cluster, it stores the cluster state in a configmap called `full-cluster-state` inside the `kube-system` namespace of the cluster itself. The information available in there allows non-admin users to escalate to admin. |
- affected >= 1.4.18, < 1.4.19fixed 1.4.19
When RKE provisions a cluster, it stores the cluster state in a configmap called `full-cluster-state` inside the `kube-system` namespace of the cluster itself. The information available in there allows non-admin users to escalate to admin.