{"id":"CVE-2022-43756","details":"A Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in SUSE Rancher allows remote attackers to cause denial of service by supplying specially crafted git credentials. This issue affects: SUSE Rancher wrangler version 0.7.3 and prior versions; wrangler version 0.8.4 and prior versions; wrangler version 1.0.0 and prior versions.","aliases":["GHSA-8fcj-gf77-47mg","GO-2023-1515"],"modified":"2026-04-10T04:52:10.253483Z","published":"2023-02-07T13:15:09.717Z","references":[{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=1205296"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/rancher/wrangler","events":[{"introduced":"0"},{"fixed":"12397eec50155cb2d24aa70bdf9e90c5f3b9a727"},{"introduced":"b1b1eff795f1507fd20fb73b205d47bc160dc9f2"},{"fixed":"1013bc2cb2f26bd36a23e6a2cdac1a753a6f13a4"},{"introduced":"0"},{"last_affected":"5167c04fcdd50e24d9710813572382eeb3064805"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.7.4"},{"introduced":"0.8.0"},{"fixed":"0.8.5"},{"introduced":"0"},{"last_affected":"1.0.0"}]}}],"versions":["v0.1.0","v0.1.1","v0.1.2","v0.1.3","v0.1.4","v0.1.5","v0.1.6","v0.2.0","v0.3.0","v0.3.1","v0.4.0","v0.4.1","v0.5.0","v0.5.1","v0.5.2","v0.5.3","v0.6.0","v0.6.1","v0.7.0","v0.7.1","v0.7.2","v0.8.0","v0.8.1","v0.8.10","v0.8.2","v0.8.3","v0.8.4","v0.8.5","v0.8.6","v0.8.7","v0.8.8","v0.8.9","v1.0.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-43756.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}