VYPR

Go modules package

github.com/rancher/steve

pkg:golang/github.com/rancher/steve

Vulnerabilities (2)

  • CVE-2023-32198higApr 25, 2025
    affected >= 0.2.0, < 0.2.1fixed 0.2.1

    ### Impact A vulnerability has been identified in Steve where by default it was using an insecure option that did not validate the certificate presented by the remote server while performing a TLS connection. This could allow the execution of a man-in-the-middle (MitM) attack aga

  • CVE-2024-52280HigApr 11, 2025
    affected < 0.0.0-20241029132712-2175e090fe4bfixed 0.0.0-20241029132712-2175e090fe4b

    A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher which allows users to watch resources they are not allowed to access, when they have at least some generic permissions on the type. This issue affects rancher: before 2175e09, before 6e30