CVE-2026-44936
5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Summary
Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials (BasicAuth) to any URL specified in the helm.repo field of a fleet.yaml file, allowing attackers able to push to fleet monitored git repos to leak helm access credentials.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SUSE | Rancher | 0.15.0 < 0.15.2 | affected |
| SUSE | Rancher | 0.14.0 < 0.14.6 | affected |
| SUSE | Rancher | 0.13.0 < 0.13.11 | affected |
| SUSE | Rancher | 0.12.0 < 0.12.15 | affected |
Weaknesses
- CWE-918: CWE-918 Server-Side request forgery (SSRF)
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.