Description
A path traversal vulnerability was found in Fleet's ImageScan subsystem in Rancher Fleet 0.12.0 up to 0.12.16, 0.13.0 up to 0.13.12, 0.14.0 up to 0.14.7 and 0.15.0 up to 0.15.3 that could be used to traverse outside of the intended directory, causing a denial of service.
Published: 2026-06-30
Score: 5.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A path traversal vulnerability exists in the ImageScan subsystem of Rancher Fleet. The flaw allows an attacker to navigate outside the intended file system location when accessing the GitRepo Path handler, potentially causing the service to become unreachable and leading to a denial of service. The weakness is classified as CWE-23, a classic directory traversal flaw that bypasses directory boundaries.

Affected Systems

The vulnerability affects SUSE Rancher's Fleet product. Versions 0.12.0 through 0.12.16, 0.13.0 through 0.13.12, 0.14.0 through 0.14.7, and 0.15.0 through 0.15.3 are susceptible. Users running any of these releases should verify their Fleet component version.

Risk and Exploitability

The CVSS base score of 5.3 indicates moderate severity, and no EPSS score is available, implying that the exploitation likelihood is not quantified. The vulnerability is not listed in the CISA KEV catalog. The attack vector is not explicitly described in the CVE description; it is inferred that the path traversal could be exploited via network access if the Fleet API is exposed or through a local compromise that allows input to the ImageScan subsystem.

Generated by OpenCVE AI on June 30, 2026 at 17:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Rancher Fleet to a version beyond 0.15.3, the last affected release, to obtain the patch that removes the traversal logic.
  • If an immediate upgrade is not possible, disable or lock down the ImageScan subsystem so that the GitRepo Path handler cannot accept external inputs that might trigger directory traversal.
  • Configure file system permissions and monitoring so that only necessary users have write access to the image scan directories, and alert on any attempt to access files outside the designated path.
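The second and third actions above amount to one control: a handler that receives a relative path must refuse any input that resolves outside its base directory, and every refusal should be surfaced for alerting. The Go code below is an added example of that CWE-23 containment check, written for this page; it is not Fleet's code and makes no claim about how the ImageScan GitRepo Path handler is implemented. The base directory, the sample paths and the AuditPaths helper are constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideBase is returned when a path would resolve outside the base directory.
var ErrOutsideBase = errors.New("path resolves outside base directory")

// SafeJoin joins a caller-supplied relative path onto base and returns the
// resulting path only if it stays inside base. It is a purely lexical check
// against CWE-23 (relative path traversal): filepath.Join collapses any
// "../" segments, and filepath.Rel then shows whether the collapsed result
// still sits under base. Symlinks inside base are not resolved here; a real
// filesystem would additionally need an EvalSymlinks step on the result.
func SafeJoin(base, userPath string) (string, error) {
	if filepath.IsAbs(userPath) {
		return "", fmt.Errorf("absolute path %q rejected: %w", userPath, ErrOutsideBase)
	}
	cleanBase := filepath.Clean(base)
	joined := filepath.Join(cleanBase, userPath)
	rel, err := filepath.Rel(cleanBase, joined)
	if err != nil {
		return "", err
	}
	sep := string(filepath.Separator)
	// A relative path that is ".." or begins with "../" has left the base.
	// Names such as "..hidden" are ordinary filenames and are allowed.
	if rel == ".." || strings.HasPrefix(rel, ".."+sep) {
		return "", fmt.Errorf("%q escapes %q: %w", userPath, base, ErrOutsideBase)
	}
	return joined, nil
}

// AuditPaths applies SafeJoin to each candidate path and returns the inputs
// that were rejected: the signal a monitor would raise an alert on.
func AuditPaths(base string, paths []string) []string {
	var rejected []string
	for _, p := range paths {
		if _, err := SafeJoin(base, p); err != nil {
			rejected = append(rejected, p)
		}
	}
	return rejected
}

func main() {
	// Constructed sample inputs: a hypothetical base directory and a mix of
	// benign and traversal-style paths of the kind a path handler might receive.
	base := "/var/lib/fleet/gitrepo"
	samples := []string{
		"charts/app",
		"charts/../values.yaml",
		"../../etc/passwd",
		"charts/../../../secrets",
		"/etc/shadow",
	}
	for _, p := range samples {
		if out, err := SafeJoin(base, p); err != nil {
			fmt.Printf("REJECT %-28q %v\n", p, err)
		} else {
			fmt.Printf("ACCEPT %-28q -> %s\n", p, out)
		}
	}
	fmt.Println("rejected for alerting:", AuditPaths(base, samples))
}
```

Two details matter for this kind of check: absolute paths must be rejected before joining (filepath.Join would otherwise just append them), and the comparison is done on the cleaned relative path rather than with a plain string prefix test against base, which would wrongly accept a sibling directory such as /var/lib/fleet/gitrepo-other.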

Generated by OpenCVE AI on June 30, 2026 at 17:54 UTC.


Advisories

No advisories yet.

History

Tue, 30 Jun 2026 21:15:00 +0000

Type: First Time appeared
  Values Added: Suse; Suse rancher
Type: Vendors & Products
  Values Added: Suse; Suse rancher

Tue, 30 Jun 2026 17:30:00 +0000

Type: Metrics
  Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 30 Jun 2026 16:00:00 +0000

Type: Description
  Values Added: A path traversal vulnerability was found in Fleet's ImageScan subsystem in Rancher Fleet 0.12.0 up to 0.12.16, 0.13.0 up to 0.13.12, 0.14.0 up to 0.14.7 and 0.15.0 up to 0.15.3 could be used to traverse outside of the intended directory, causing a denial of service.
Type: Title
  Values Added: Path Traversal in Rancher Fleet ImageScan GitRepo Path Handler
Type: Weaknesses
  Values Added: CWE-23
Type: References
Type: Metrics
  Values Added: cvssV4_0 {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: suse

Published:

Updated: 2026-06-30T16:00:33.240Z

Reserved: 2026-05-08T12:29:48.969Z

Link: CVE-2026-44948

Vulnrichment

Updated: 2026-06-30T15:59:58.119Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-30T21:00:13Z

Weaknesses
  • CWE-23: Relative Path Traversal