Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2024-58259
Awaiting Analysis
More InfoOfficial Page
Source-meissner@suse.de
View Known Exploited Vulnerability (KEV) details
Published At-02 Sep, 2025 | 12:15
Updated At-02 Sep, 2025 | 15:55

A vulnerability has been identified within Rancher Manager in which it did not enforce request body size limits on certain public (unauthenticated) and authenticated API endpoints. This allows a malicious user to exploit this by sending excessively large payloads, which are fully loaded into memory during processing, leading to Denial of Service (DoS).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.2HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Type: Secondary
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-770Primarymeissner@suse.de
CWE ID: CWE-770
Type: Primary
Source: meissner@suse.de
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58259meissner@suse.de
N/A
https://github.com/rancher/rancher/security/advisories/GHSA-4h45-jpvh-6p5jmeissner@suse.de
N/A
Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58259
Source: meissner@suse.de
Resource: N/A
Hyperlink: https://github.com/rancher/rancher/security/advisories/GHSA-4h45-jpvh-6p5j
Source: meissner@suse.de
Resource: N/A
Change History
0Changes found
Details not found