169 matches found
Argo CD Unauthenticated Access to sensitive setting
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The vulnerability allows unauthorized access to the sensitive settings exposed by /api/v1/settings endpoint without authentication. All sensitive settings are hidden except passwordPattern. id: CVE-2024-37152 info: name: Ar...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.21.1 security update
Important: Red Hat OpenShift GitOps v1.21.1 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-10083 RC 1.21.0-7: Missing permission for web-based terminal in Argocd UI GITOPS-10178 OpenShift GitOps operator v1.21.0 breaks Redis-HA...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: skaffold, osv-scanner, gatekeeper-fips, mattermost-fips, cloudbeat-fips, tekton-pipelines, seaweedfs-rocksdb-fips, kubescape-server, kaf, prometheus-operator, kubescape, frankenphp-8.2, traefik-fips, kubernetes-dashboard, argocd-image-updater-fips, zot, trivy-operato...
GHSA-89GR-R52H-F8RX vulnerabilities
Vulnerabilities for packages: apko, crossplane-provider-azure-servicefabric, skaffold, consul, osv-scanner, gatekeeper-fips, mattermost-fips, cloudbeat-fips, crossplane-provider-azure-signalrservice, tekton-pipelines, seaweedfs-rocksdb-fips, kubescape-server, kaf, prometheus-operator,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: apko, skaffold, osv-scanner, gatekeeper-fips, mattermost-fips, cloudbeat-fips, tekton-pipelines, kubescape-server, kaf, prometheus-operator, prometheus-podman-exporter-fips, nuclei, mapotf-fips, kubescape, frankenphp-8.2, traefik-fips, kubernetes-dashboard,...
GHSA-QPW4-5X99-6VJP vulnerabilities
Vulnerabilities for packages: apko, skaffold, osv-scanner, gatekeeper-fips, mattermost-fips, cloudbeat-fips, tekton-pipelines, seaweedfs-rocksdb-fips, kubescape-server, kaf, prometheus-operator, prometheus-podman-exporter-fips, nuclei, mapotf-fips, kubescape, frankenphp-8.2, traefik-fips,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: skaffold, osv-scanner, gatekeeper-fips, mattermost-fips, cloudbeat-fips, tekton-pipelines, seaweedfs-rocksdb-fips, kubescape-server, kaf, prometheus-operator, kubescape, frankenphp-8.2, traefik-fips, kubernetes-dashboard, argocd-image-updater-fips, zot, trivy-operato...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: apko, crossplane-provider-azure-servicefabric, skaffold, consul, osv-scanner, gatekeeper-fips, mattermost-fips, cloudbeat-fips, crossplane-provider-azure-signalrservice, tekton-pipelines, seaweedfs-rocksdb-fips, kubescape-server, kaf, prometheus-operator,...
GHSA-VGWF-H737-FF37 vulnerabilities
Vulnerabilities for packages: apko, skaffold, osv-scanner, gatekeeper-fips, mattermost-fips, cloudbeat-fips, tekton-pipelines, seaweedfs-rocksdb-fips, kubescape-server, kaf, prometheus-operator, prometheus-podman-exporter-fips, nuclei, mapotf-fips, kubescape, frankenphp-8.2, traefik-fips,...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-ec2, gitlab-kas, kyverno, openbao, chisel, neuvector-sigstore-interface, crossplane-provider-aws-iam, scorecard, gitlab-runner, fulcio, zarf, dagger, cilium, gomplate, k9s, cilium-cli, argo-cd, external-secrets-operator, grype, rancher,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: knative-serving, flux-source-controller, istio, mattermost, nerdctl, gitlab-kas, spire-server, trivy-operator, containerd, kyverno, chisel, telegraf, snyk-cli, gitea, helm, kubescape, prometheus, rancher-agent, kine, kots, zarf, cilium,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: gitlab-kas, kyverno, openbao, chisel, neuvector-sigstore-interface, scorecard, gitlab-runner, fulcio, zarf, dagger, cilium, gomplate, k9s, cilium-cli, argo-cd, external-secrets-operator, grype, rancher, crossplane-provider-family-azure, zot, loki, fscrypt, tflint,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: knative-serving, flux-source-controller, istio, mattermost, nerdctl, gitlab-kas, opentofu, spire-server, act, teleport, trivy-operator, wolfictl, containerd, kyverno, pulumi-language-yaml, witness, telegraf, snyk-cli, terragrunt, pulumi-language-dotnet, gitea, helm,...
GO-2026-5099 ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction in github.com/argoproj/argo-cd
ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction in github.com/argoproj/argo-cd...
OPENSUSE-SU-2026:10888-1 argocd-cli-3.4.3-1.1 on GA media
These are all security issues fixed in the argocd-cli-3.4.3-1.1 package on the GA media of openSUSE Tumbleweed...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.4 security update
Important: Red Hat OpenShift GitOps v1.20.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions GITOPS-9549...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.4 security update
Important: Red Hat OpenShift GitOps v1.19.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions...
CVE-2026-45738 vulnerabilities
Vulnerabilities for packages: argocd-image-updater, argo-cd...
CVE-2026-45737 vulnerabilities
Vulnerabilities for packages: argocd-image-updater, argo-cd...
GHSA-RG3G-4RW9-GQRP vulnerabilities
Vulnerabilities for packages: argocd-image-updater, argo-cd...