CVE-2025-23388

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-23388
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-23388.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-23388
Aliases
Downstream
Related
Published
2025-04-11T11:15:42.500Z
Modified
2026-03-09T23:54:31.879242Z
Severity
  • 8.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H CVSS Calculator
Summary
[none]
Details

A Stack-based Buffer Overflow vulnerability in SUSE rancher allows for denial of service.This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.

References

Affected packages

Git / github.com/rancher/rancher

Affected ranges

Type
GIT
Repo
https://github.com/rancher/rancher
Events
Introduced
72f58378bf03122a9651c9bd3b4c143a57e8fdaa
Fixed
a717664d9c190b98a1d085744b3838bdc78e9f2a
Introduced
9e0cc54e7e3a924cf0ed5c5d4db0a6e53805c75e
Fixed
cecf1d1e99c7c046e73141d97595e18e0c0a78b2
Introduced
df45e368c82d4027410fa4700371982b9236b7c8
Fixed
ecc87e7d86e96949523872ab091c6f7a009b2f67
Database specific 
{
    "versions": [
        {
            "introduced": "2.8.0"
        },
        {
            "fixed": "2.8.13"
        },
        {
            "introduced": "2.9.0"
        },
        {
            "fixed": "2.9.7"
        },
        {
            "introduced": "2.10.0"
        },
        {
            "fixed": "2.10.3"
        }
    ]
}

Affected versions

v2.*
v2.10.0
v2.10.0-alpha1
v2.10.0-alpha10
v2.10.0-alpha11
v2.10.0-alpha12
v2.10.0-alpha2
v2.10.0-alpha3
v2.10.0-alpha4
v2.10.0-alpha5
v2.10.0-alpha6
v2.10.0-alpha7
v2.10.0-alpha8
v2.10.0-alpha9
v2.10.0-rc1
v2.10.0-rc2
v2.10.0-rc3
v2.10.0-rc4
v2.10.1
v2.10.1-alpha1
v2.10.1-rc1
v2.10.2
v2.10.2-alpha1
v2.10.2-alpha2
v2.10.2-alpha3
v2.10.2-alpha4
v2.10.2-rc1
v2.10.3-alpha1
v2.10.3-alpha2
v2.10.3-rc1
v2.8.0
v2.8.0-rc5
v2.8.10
v2.8.10-alpha1
v2.8.10-alpha2
v2.8.10-rc1
v2.8.10-rc2
v2.8.11
v2.8.11-alpha1
v2.8.11-rc1
v2.8.12
v2.8.12-alpha1
v2.8.12-alpha2
v2.8.12-rc1
v2.8.13-alpha1
v2.8.13-rc1
v2.8.3
v2.8.3-alpha1
v2.8.3-alpha2
v2.8.3-rc1
v2.8.3-rc2
v2.8.3-rc3
v2.8.3-rc4
v2.8.3-rc5
v2.8.3-rc6
v2.8.3-rc7
v2.8.3-rc8
v2.8.4
v2.8.4-alpha1
v2.8.4-rc1
v2.8.4-rc2
v2.8.4-rc3
v2.8.4-rc4
v2.8.4-rc5
v2.8.6
v2.8.6-alpha1
v2.8.6-alpha2
v2.8.6-alpha3
v2.8.6-alpha4
v2.8.6-alpha5
v2.8.6-alpha6
v2.8.6-rc1
v2.8.6-rc2
v2.8.6-rc3
v2.8.6-rc4
v2.8.7
v2.8.7-rc1
v2.8.7-rc10
v2.8.7-rc2
v2.8.7-rc3
v2.8.7-rc4
v2.8.7-rc5
v2.8.7-rc6
v2.8.7-rc7
v2.8.7-rc8
v2.8.7-rc9
v2.8.8
v2.8.8-alpha1
v2.8.8-alpha2
v2.8.8-rc1
v2.8.9
v2.8.9-alpha1
v2.8.9-alpha10
v2.8.9-alpha2
v2.8.9-alpha3
v2.8.9-alpha4
v2.8.9-alpha5
v2.8.9-alpha6
v2.8.9-alpha8
v2.8.9-alpha9
v2.8.9-rc1
v2.8.9-rc2
v2.9.0
v2.9.0-alpha1
v2.9.0-alpha2
v2.9.0-alpha3
v2.9.0-alpha4
v2.9.0-alpha5
v2.9.0-alpha6
v2.9.0-alpha7
v2.9.0-alpha8
v2.9.0-rc1
v2.9.0-rc2
v2.9.0-rc3
v2.9.0-rc4
v2.9.0-rc5
v2.9.0-rc6
v2.9.1
v2.9.1-alpha1
v2.9.1-alpha2
v2.9.1-rc1
v2.9.1-rc2
v2.9.1-rc3
v2.9.1-rc4
v2.9.1-rc5
v2.9.1-rc6
v2.9.2
v2.9.2-alpha1
v2.9.2-alpha2
v2.9.2-alpha3
v2.9.2-alpha4
v2.9.2-alpha5
v2.9.2-alpha6
v2.9.2-alpha7
v2.9.2-rc1
v2.9.3
v2.9.3-alpha1
v2.9.3-alpha2
v2.9.3-alpha3
v2.9.3-alpha4
v2.9.3-alpha5
v2.9.3-alpha6
v2.9.3-alpha7
v2.9.3-rc1
v2.9.3-rc2
v2.9.4
v2.9.4-alpha1
v2.9.4-alpha2
v2.9.4-alpha3
v2.9.4-alpha4
v2.9.4-alpha5
v2.9.4-hotfix-schema-leak.1
v2.9.4-rc1
v2.9.4-rc2
v2.9.4-rc3
v2.9.5
v2.9.5-alpha1
v2.9.5-rc1
v2.9.6
v2.9.6-alpha1
v2.9.6-alpha2
v2.9.6-alpha3
v2.9.6-rc1
v2.9.7-alpha1
v2.9.7-alpha2
v2.9.7-alpha3
v2.9.7-rc1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-23388.json"