Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2023-22482

πŸ—“οΈΒ 26 Jan 2023Β 21:12:18Reported byΒ [email protected]TypeΒ 
nvd
Β nvdπŸ”—Β web.nvd.nist.govπŸ‘Β 13Β Views

Argo CD improper authorization bug accepts invalid tokens, patched in v2.6.0-rc

Show more
Related
Detection
Refs
ReporterTitlePublishedViews
Family
Hacker One		Internet Bug Bounty: JWT audience claim is not verified
28 Feb 202318:06
–hackerone
Veracode		Improper Authorization
3 Feb 202307:29
–veracode
OSV		CVE-2023-22482
26 Jan 202321:18
–osv
OSV		JWT audience claim is not verified
25 Jan 202322:02
–osv
OSV		GO-2023-1520 JWT audience claim is not verified in github.com/argoproj/argo-cd
20 Aug 202420:26
–osv
Vulnrichment		CVE-2023-22482 JWT audience claim is not verified
25 Jan 202318:25
–vulnrichment
CVE		CVE-2023-22482
26 Jan 202321:18
–cve
RedhatCVE		CVE-2023-22482
25 Jan 202319:05
–redhatcve
Prion		Authorization
26 Jan 202321:18
–prion
Cvelist		CVE-2023-22482 JWT audience claim is not verified
25 Jan 202318:25
–cvelist
Rows per page
Nvd
Node
argoprojargo_cdRange1.8.2–2.3.14
OR
argoprojargo_cdRange2.4.0–2.4.20
OR
argoprojargo_cdRange2.5.0–2.5.8
OR
argoprojargo_cdMatch2.6.0rc1
OR
argoprojargo_cdMatch2.6.0rc2
OR
argoprojargo_cdMatch2.6.0rc3
OR
argoprojargo_cdMatch2.6.0rc4

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
26 Jan 2023 21:18Current
9.1High risk
Vulners AI Score9.1
CVSS38.8
EPSS0.00104
CWE-863
argo cdgitopskubernetescve-2023-22482improper authorizationoidc providertoken validationaudience claimstolen tokenvulnerabilitypatch
13
.json
Report