VYPR

Go modules package

github.com/rancher/rke

pkg:golang/github.com/rancher/rke

Vulnerabilities (1)

  • CVE-2023-32191CriOct 16, 2024
    affected >= 1.4.18, < 1.4.19fixed 1.4.19

    When RKE provisions a cluster, it stores the cluster state in a configmap called `full-cluster-state` inside the `kube-system` namespace of the cluster itself. The information available in there allows non-admin users to escalate to admin.