Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials (BasicAuth) to any URL specified in the helm.repo field of a fleet.yaml file, allowing attackers able to push to fleet monitored git repos to leak helm access credentials.
| Vendor | Product | Versions |
|---|---|---|
| su | rancher fleet | 0.15.0, 0.14.0, 0.13.0, 0.12.0, 0.12.14, 0.13.10, 0.14.5, 0.15.1 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| go | github.com/rancher/fleet | GHSA | 85% |
Updated affected versions to include 0.12.14, 0.13.10, 0.14.5, and 0.15.1, and marked the vulnerability as actively exploited with no exploit available.
Initial creation