Homepage
About Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

APPLICATION

Expand this section

OPERATING SYSTEM

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • H
Incorrect Permission Assignment for Critical Resource 		github.com/rancher/rancher/pkg/httpproxy >=2.0.0 <2.4.16 >=2.5.0 <2.5.9 Go 25 Apr 2024
  • H
Reliance on Untrusted Inputs in a Security Decision 		github.com/rancher/rancher/pkg/multiclustermanager >=2.0.0 <2.4.16 >=2.5.0 <2.5.9 Go 25 Apr 2024
  • H
Reliance on Untrusted Inputs in a Security Decision 		github.com/rancher/rancher/pkg/auth/requests >=2.0.0 <2.4.16 >=2.5.0 <2.5.9 Go 25 Apr 2024
  • M
Improper Input Validation 		github.com/rancher/rancher/pkg/auth/providers/saml <2.3.0-alpha4 Go 25 Apr 2024
  • H
Improper Control of Generation of Code ('Code Injection') 		github.com/rancher/rancher >=2.0.0 <2.2.4 Go 25 Apr 2024
  • H
Improper Access Control 		github.com/rancher/rancher/pkg/controllers/management/auth <2.4.18 >=2.5.0 <2.5.12 >=2.6.0 <2.6.3 Go 25 Apr 2024
  • H
Improper Access Control 		github.com/rancher/rancher/pkg/agent/clean <2.4.18 >=2.5.0 <2.5.12 >=2.6.0 <2.6.3 Go 25 Apr 2024
  • H
Improper Access Control 		github.com/rancher/rancher/app <2.4.18 >=2.5.0 <2.5.12 >=2.6.0 <2.6.3 Go 25 Apr 2024
  • C
Improper Authentication 		github.com/rancher/rancher/pkg/controllers/management/auth >=2.0.0 <2.0.14 >=2.1.0 <2.1.9 >=2.2.0 <2.2.2 Go 25 Apr 2024
  • C
Improper Authentication 		github.com/rancher/rancher/app >=2.0.0 <2.0.14 >=2.1.0 <2.1.9 >=2.2.0 <2.2.2 Go 25 Apr 2024
  • H
SQL Injection 		neural-compressor [,2.5) pip 24 Apr 2024
  • H
Unrestricted Upload of File with Dangerous Type 		moodle/moodle >=2.0.1 Composer 24 Apr 2024
  • C
Server-Side Request Forgery (SSRF) 		moodle/moodle <3.9.18 >=3.11, <3.11.11 >=4.0, <4.0.5 Composer 24 Apr 2024
  • H
Weak Password Recovery Mechanism for Forgotten Password 		moodle/moodle <2.7.16 >=2.9, <2.9.8 >=3.0, <3.0.6 >=3.1, <3.1.2 Composer 24 Apr 2024
  • M
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 		moodle/moodle >=2.8, <2.8.10 >=2.9, <2.9.4 >=3.0, <3.0.2 Composer 24 Apr 2024
  • M
Cross-Site Scripting (XSS) 		moodle/moodle >=3.11, <3.11.11 >=4.0, <4.0.5 Composer 24 Apr 2024
  • M
Improper Input Validation 		moodle/moodle <3.1.18 >=3.4, <3.4.9 >=3.5, <3.5.6 >=3.6, <3.6.4 Composer 24 Apr 2024
  • M
Information Exposure 		moodle/moodle <3.1.7 >=3.2, <3.2.4 >=3.3, <3.3.1 Composer 24 Apr 2024
  • M
Information Exposure 		moodle/moodle >=3.1, <3.1.1 Composer 24 Apr 2024
  • M
Improper Input Validation 		moodle/moodle >=2.7, <2.7.18 >=3.0, <3.0.8 >=3.1, <3.1.4 >=3.2, <3.2.1 Composer 24 Apr 2024
  • M
Cross-Site Scripting (XSS) 		moodle/moodle <3.9.18 >=3.11, <3.11.11 >=4.0, <4.0.5 Composer 24 Apr 2024
  • M
Information Exposure Through an Error Message 		moodle/moodle >=3.10, <3.10.4 Composer 24 Apr 2024
  • M
Cross-site Scripting (XSS) 		moodle/moodle >=3.1, <3.1.12 >=3.2, <3.2.9 >=3.3, <3.3.6 >=3.4, <3.4.3 Composer 24 Apr 2024
  • M
Improper Access Control 		moodle/moodle <3.5.7 >=3.6.0, <3.6.5 >=3.7.0, <3.7.1 Composer 24 Apr 2024
  • M
Server-side Request Forgery (SSRF) 		moodle/moodle <3.9.15 >=3.11, <3.11.8 >=4.0, <4.0.2 Composer 24 Apr 2024
  • M
Improper Access Control 		moodle/moodle <3.5.7 >=3.6.0, <3.6.5 >=3.7.0, <3.7.1 Composer 24 Apr 2024
  • M
Information Exposure 		moodle/moodle >=3.10, <3.10.4 >=3.9, <3.9.7 >=3.8, <3.8.9 >=3.5, <3.5.18 Composer 24 Apr 2024
  • M
Cross-Site Request Forgery (CSRF) 		moodle/moodle >=2.7, <2.7.20 >=3.0, <3.0.10 >=3.1, <3.1.6 >=3.2, <3.2.3 Composer 24 Apr 2024
  • C
Malicious Package 		hardhat-daemon * npm 24 Apr 2024
  • C
Malicious Package 		react-dom-production-script * npm 24 Apr 2024