
350 matches found

RedhatCVE
added 3 days ago | 4 views

CVE-2026-45625

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.0, Arcane's huma-based REST API exposes nine endpoints under /api/customize/git-repositories and /api/git-repositories/sync for managing GitOps source repositories and their stored credentials. Eig...

CVSS 9.9 | AI score 5.8 | EPSS 0.0005
Exploits: 0 | References: 1

GithubExploit
added 3 days ago | 48 views

aks-poc-setup

AKS Production-Grade POC Setup A comprehensive, production-re...

AI score 6.1
Exploits: 0

CVE
added 6 days ago | 11 views

CVE-2026-45625

CVE-2026-45625 (Arcane): The huma-based REST API exposes nine endpoints under /api/customize/git-repositories and /api/git-repositories/sync without admin enforcement. Eight endpoints bypass checkAdmin(ctx), allowing any authenticated user (default role: user) to list, create, modify, delete, an...

CVSS 9.9 | AI score 5.8 | EPSS 0.0005
Exploits: 0 | References: 1

Cvelist
added 6 days ago | 27 views

CVE-2026-45625 Arcane: Missing admin authorization on git repository endpoints allows non-admin users to exfiltrate stored Git credentials and tamper with GitOps configs

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.0, Arcane's huma-based REST API exposes nine endpoints under /api/customize/git-repositories and /api/git-repositories/sync for managing GitOps source repositories and their stored credentials. Eig...

CVSS 9.9 | EPSS 0.0005
Exploits: 0 | References: 1

Vulnrichment
added 6 days ago | 4 views

CVE-2026-45625 Arcane: Missing admin authorization on git repository endpoints allows non-admin users to exfiltrate stored Git credentials and tamper with GitOps configs

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.0, Arcane's huma-based REST API exposes nine endpoints under /api/customize/git-repositories and /api/git-repositories/sync for managing GitOps source repositories and their stored credentials. Eig...

CVSS 9.9 | AI score 5.8 | EPSS 0.0005
Exploits: 0 | References: 1

RedHat Linux
added 2026/05/26 2:55 p.m. | 7 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.4 security update

Important: Red Hat OpenShift GitOps v1.20.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions GITOPS-9549...

CVSS 9.6 | AI score 5.8 | EPSS 0.00022
Exploits: 2 | References: 5

RedHat Linux
added 2026/05/26 2:54 p.m. | 4 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.6 security update

Important: Red Hat OpenShift GitOps v1.18.6 security update An update is now available for Red Hat OpenShift GitOps...

CVSS 9.8 | AI score 6.5 | EPSS 0.00044
Exploits: 2 | References: 7

RedHat Linux
added 2026/05/26 2:49 p.m. | 7 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.4 security update

Important: Red Hat OpenShift GitOps v1.19.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions...

CVSS 9.8 | AI score 6.6 | EPSS 0.00044
Exploits: 4 | References: 7

Snyk
added 2026/05/19 3:54 p.m. | 6 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer in the HideSecretData function that fails to mask predictedLive argument for --server-side-diff command. An attacker can extract last-applied-configuration which may...

CVSS 6.3 | AI score 5.8
Exploits: 0 | References: 2

Snyk
added 2026/05/19 3:54 p.m. | 8 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer in the HideSecretData function that fails to mask predictedLive argument for --server-side-diff command. An attacker can extract last-applied-configuration which may...

CVSS 6.3 | AI score 5.8
Exploits: 0 | References: 2

OSV
added 2026/05/18 1:44 p.m. | 1 views

GHSA-7H26-HG47-P9HX Arcane Backend: Missing admin authorization on git repository endpoints allows non-admin users to exfiltrate stored Git credentials and tamper with GitOps configs

Summary Arcane's huma-based REST API exposes nine endpoints under /api/customize/git-repositories and /api/git-repositories/sync for managing GitOps source repositories and their stored credentials. Eight of those endpoints list, create, get, update, delete, test, listBranches, browseFiles never...

CVSS 9.9 | AI score 5.8 | EPSS 0.0005
Exploits: 0 | References: 2

NVD
added 2026/05/07 11:16 p.m. | 8 views

CVE-2026-42880

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext...

CVSS 9.6 | EPSS 0.00013
Exploits: 2 | References: 1

Positive Technologies
added 2026/05/06 12:0 a.m. | 2 views

PT-2026-37356

Name of the Vulnerable Software and Affected Versions Argo CD versions 3.2.0 through 3.2.10 Argo CD versions 3.3.0 through 3.3.8 Description A missing authorization and data-masking gap exists in the '/application.ApplicationService/ServerSideDiff' endpoint. This allows an attacker with read-only...

CVSS 9.6 | AI score 5.8 | EPSS 0.00013
Exploits: 2 | References: 22

RedHat Linux
added 2026/04/30 5:40 p.m. | 4 views

Important: Red Hat Bug Fix Advisory: Red Hat OpenShift GitOps v1.20.3 bug fix and enhancement update

Red Hat OpenShift GitOps v1.20.3 bug fix and enhancement update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-9699 CVE-2026-42880 Kubernetes Secret Extraction via ArgoCD ServerSideDiff gitops-1.20...

CVSS 9.6 | AI score 5.8 | EPSS 0.00013
Exploits: 2 | References: 2

RedHat Linux
added 2026/04/22 12:35 p.m. | 3 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.2 security update

Important: Red Hat OpenShift GitOps v1.20.2 security update An update is now available for Red Hat OpenShift GitOps...

CVSS 7.5 | AI score 7.4 | EPSS 0.00016
Exploits: 0 | References: 3

RedHat Linux
added 2026/04/22 12:29 p.m. | 4 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.3 security update

Important: Red Hat OpenShift GitOps v1.19.3 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-9158 OpenShift Gitops Operator v1.19.2 has hardcoded pod-security labels which conflict OCP = 4.16 GITOPS-9587 multiple CVEs in ose-kube-rbac-pro...

CVSS 7.5 | AI score 7.3 | EPSS 0.00016
Exploits: 0 | References: 3

RedHat Linux
added 2026/04/22 12:28 p.m. | 2 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.5 security update

Important: Red Hat OpenShift GitOps v1.18.5 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-9158 OpenShift Gitops Operator v1.19.2 has hardcoded pod-security labels which conflict OCP = 4.16 GITOPS-9587 multiple CVEs in ose-kube-rbac-pro...

CVSS 7.5 | AI score 5.7 | EPSS 0.00016
Exploits: 0 | References: 3

RedhatCVE
added 2026/04/15 9:34 p.m. | 0 views

CVE-2026-6388

A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in a multi-tenant environment, to bypass namespace boundaries. By exploiting insufficient validation, the attacker can trigger unauthorized image updates ...

CVSS 9.1 | AI score 5.7 | EPSS 0.00036
Exploits: 0 | References: 3

CNNVD
added 2026/04/15 12:0 a.m. | 5 views

Red Hat OpenShift GitOps Security Vulnerability

Red Hat OpenShift GitOps is an automated deployment service provided by the American company Red Hat. Red Hat OpenShift GitOps has a security vulnerability, which stems from insufficient validation. This vulnerability could allow attackers to bypass namespace boundaries, triggering cross-namespac...

CVSS 9.1 | AI score 5.8 | EPSS 0.00036
Exploits: 0 | References: 2

IBM Security Bulletins
added 2026/04/08 4:6 p.m. | 3 views

Security Bulletin: IBM DataPower Gateway vulnerable to Denial of Service due to use of Bytes (CVE-2026-25541)

Summary IBM DataPower Gateway uses Bytes in the 'Gateway Peering' feature, and in 10.6.0 and 10.6CD only the 'GitOps' feature. Vulnerability Details CVEID:CVE-2026-25541 DESCRIPTION: Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to...

CVSS 7.5 | AI score 5.8 | EPSS 0.00019
Exploits: 1 | Affected Software: 1