Affected by GO-2023-1991
and 15 other vulnerabilities
GO-2023-1991: Rancher Privilege Escalation Vulnerability in github.com/rancher/rancher
GO-2024-2535: Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core' in github.com/rancher/rancher
GO-2024-2537: Rancher 'Audit Log' leaks sensitive information in github.com/rancher/rancher
GO-2024-2760: Rancher's Failure to delete orphaned role bindings does not revoke project level access from group based authentication in github.com/rancher/rancher
GO-2024-2761: Rancher Login Parameter Can Be Edited in github.com/rancher/rancher
GO-2024-2762: Rancher code injection via fluentd config commands in github.com/rancher/rancher
GO-2024-2768: Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources in github.com/rancher/rancher
GO-2024-2771: Rancher's Steve API Component Improper authorization check allows privilege escalation in github.com/rancher/rancher
GO-2024-2778: Rancher Privilege escalation vulnerability via malicious "Connection" header in github.com/rancher/rancher
GO-2024-2929: Rancher's External RoleTemplates can lead to privilege escalation in github.com/rancher/rancher
GO-2024-2931: Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider in github.com/rancher/rancher
GO-2024-2932: Rancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpec in github.com/rancher/rancher
GO-2024-3161: Rancher agents can be hijacked by taking over the Rancher Server URL in github.com/rancher/rancher
GO-2024-3220: Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists in github.com/rancher/rancher
GO-2024-3221: Rancher Remote Code Execution via Cluster/Node Drivers in github.com/rancher/rancher
GO-2024-3223: Exposure of vSphere's CPI and CSI credentials in Rancher in github.com/rancher/rancher
type Account struct {
ID int `json:"id,omitempty"`
Login string `json:"login,omitempty"`
Name string `json:"name,omitempty"`
AvatarURL string `json:"avatar_url,omitempty"`
HTMLURL string `json:"html_url,omitempty"`
Type string `json:"type,omitempty"`
}
Account defines properties an account on github has
type Team struct {
ID int `json:"id,omitempty"`
Organization map[string]interface{} `json:"organization,omitempty"`
Name string `json:"name,omitempty"`
Slug string `json:"slug,omitempty"`
}