CNNVD-202601-4869 Information
Jan 29, 2026
cve
CNNVD ID
CNNVD-202601-4869
Related CVE
- CNNVD Published: 2026-01-29
Description (Chinese)
vCluster Platform是vCluster开源的一个虚拟集群管理器。 vCluster Platform 4.6.0之前版本、4.5.4之前版本、4.4.2之前版本和4.3.10之前版本存在安全漏洞,该漏洞源于范围限制可被绕过,可能导致访问范围外资源。
Description (English)
vCluster Platform is a vCluster open source virtual cluster manager. There is a security loophole in vCluster Platform 4.6.0, 4.5.4, 4.4.2 and 4.3.10, which stems from the possibility of circumvention of scope limitations, which may result in access to resources outside the scope.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
vCluster
Published
2026-01-29
Last Modified
2026-02-24
References
https://github.com/loft-sh/loft/security/advisories/GHSA-c539-w4ch-7wxq
Patch
https://github.com/loft-sh/loft/releases
Share on: