Security Advisories for github.com/rancher/fleet in go
Critical
about 11 hours ago
Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer
go
github.com/rancher/fleet
Moderate
about 11 hours ago
Rancher Fleet has SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml
go
github.com/rancher/fleet
High
about 11 hours ago
Rancher Fleet has Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components
go
github.com/rancher/fleet
High
about 11 hours ago
Fleet has PSS Bypass through addLabelsFromOptions in Fleet Agent
go
github.com/rancher/fleet
Critical
about 2 months ago
Fleet: Helm impersonation bypass of `RESTClientGetter` retains `cluster-admin` during template rendering
go
github.com/rancher/fleet
High
10 months ago
Rancher Fleet Helm Values are stored inside BundleDeployment in plain text
go
github.com/rancher/fleet
Moderate
about 1 year ago
Fleet doesn’t validate a server’s certificate when connecting through SSH
go
github.com/rancher/fleet