{ "schema_version": "1.4.0", "id": "GHSA-xr9q-h9c7-xw8q", "modified": "2025-05-27T18:31:11Z", "published": "2025-02-27T18:27:49Z", "aliases": [ "CVE-2025-23388" ], "summary": "Rancher allows an unauthenticated stack overflow in /v3-public/authproviders API", "details": "### Impact\nAn unauthenticated stack overflow crash, leading to a denial of service (DoS), was identified in Rancher’s `/v3-public/authproviders` public API endpoint. A malicious user could submit data to the API which would cause the Rancher server to crash, but no malicious or incorrect data would actually be written in the API. The downstream clusters, i.e., the clusters managed by Rancher, are not affected by this issue.\n\nThis vulnerability affects those using external authentication providers as well as Rancher’s local authentication.\n\n### Patches\nThe patch includes the removal of unnecessary HTTP methods of the specific API.\n\nPatched versions include releases `v2.8.13`, `v2.9.7` and `v2.10.3`.\n\n### Workarounds\nThere are no workarounds for this issue. Users are recommended to upgrade, as soon as possible, to a version of Rancher Manager that contains the fix.\n\n### References\nIf you have any questions or comments about this advisory:\n- Reach out to the [SUSE Rancher Security team](https://github.com/rancher/rancher/security/policy) for security related inquiries.\n- Open an issue in the [Rancher](https://github.com/rancher/rancher/issues/new/choose) repository.\n- Verify with our [support matrix](https://www.suse.com/suse-rancher/support-matrix/all-supported-versions/) and [product support lifecycle](https://www.suse.com/lifecycle/).", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "affected": [ { "package": { "ecosystem": "Go", "name": "github.com/rancher/rancher" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.8.0" }, { "fixed": "2.8.13" } ] } ] }, { "package": { "ecosystem": "Go", "name": "github.com/rancher/rancher" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.9.0" }, { "fixed": "2.9.7" } ] } ] }, { "package": { "ecosystem": "Go", "name": "github.com/rancher/rancher" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.10.0" }, { "fixed": "2.10.3" } ] } ] } ], "references": [ { "type": "WEB", "url": "https://github.com/rancher/rancher/security/advisories/GHSA-xr9q-h9c7-xw8q" }, { "type": "WEB", "url": "https://github.com/rancher/rancher/pull/48608" }, { "type": "WEB", "url": "https://github.com/rancher/rancher/pull/48954" }, { "type": "WEB", "url": "https://github.com/rancher/rancher/pull/48957" }, { "type": "WEB", "url": "https://github.com/rancher/rancher/pull/48958" }, { "type": "WEB", "url": "https://github.com/rancher/rancher/commit/5c7aded42509ae526383bb296138e8ea0dff9d13" }, { "type": "WEB", "url": "https://github.com/rancher/rancher/commit/92d55b799ac172734106569b61ca87bbd5affcb2" }, { "type": "WEB", "url": "https://github.com/rancher/rancher/commit/a263bf3466717ee4bab802d499a5a167d274813d" }, { "type": "WEB", "url": "https://github.com/rancher/rancher/commit/de3ffa88cc75ae3da122bd36a4489663b5157ee3" }, { "type": "PACKAGE", "url": "https://github.com/rancher/rancher" }, { "type": "WEB", "url": "https://github.com/rancher/rancher/releases/tag/v2.10.3" }, { "type": "WEB", "url": "https://github.com/rancher/rancher/releases/tag/v2.8.13" }, { "type": "WEB", "url": "https://github.com/rancher/rancher/releases/tag/v2.9.7" } ], "database_specific": { "cwe_ids": [ "CWE-121" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2025-02-27T18:27:49Z", "nvd_published_at": "2025-04-11T11:15:42Z" } }