ГлавнаяУязвимости → CVE-2026-44935
9.9критическая

CVE-2026-44935

Описание

Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants.

Затрагиваемое ПО
Suse Rancher fleet
CVSS
Балл9.9 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Источники
https://github.com/rancher/fleet/security/advisories/GHSA-xr65-5cpm-g36x