Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-ACF926953573C018DE46A05087E172A3HistoryDec 09, 2021 - 12:00 a.m.
Observable Discrepancy
2021-12-0900:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
6
0.001 Low
EPSS
Percentile
41.5%
Fixed in v1.5.1, Argo version v1.5.0 was vulnerable to a user-enumeration vulnerability which allowed attackers to determine the usernames of valid (non-SSO) accounts because /api/v1/session returned 401 for an existing username and 404 otherwise.
| CPE | Name | Operator | Version |
|---|---|---|---|
| go/github.com/argoproj/argo-cd/util/session | eq | 1.5.0 |
Related
prion
prion
Code injection
2020-04-08 18:15:00
nvd
nvd
CVE-2020-11576
2020-04-08 18:15:15
osv
osv
Observable Discrepancy in Argo
2021-12-09 19:59:24
BIT-argo-cd-2020-11576
2024-03-06 10:52:16
CVE-2020-11576
2020-04-08 18:15:15
cvelist
cvelist
CVE-2020-11576
2020-04-08 17:40:50
veracode
veracode
Information Disclosure
2020-04-09 03:48:19
cve
cve
CVE-2020-11576
2020-04-08 18:15:15
github
github
Observable Discrepancy in Argo
2021-12-09 19:59:24