10 matches found
SUSE CVE-2024-13484
A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...
Unauthorized Rule Injection
ArgoCD is vulnerable to unauthorized rule injection. The vulnerability is due to improper namespace isolation, as the openshift.io/cluster-monitoring label is automatically applied to all namespaces deploying an ArgoCD CR instance, allowing them to create unauthorized PrometheusRule objects...
OpenShift GitOps Operator Namespace Isolation Break
A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...
GHSA-58FX-7V9Q-3G56 OpenShift GitOps Operator Namespace Isolation Break
A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...
CVE-2024-13484
A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...
CVE-2024-13484 Openshift-gitops-operator-container: namespace isolation break
A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...
CVE-2024-13484 Openshift-gitops-operator-container: namespace isolation break
A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...
CVE-2024-13484
Technical details for CVE-2024-13484 are not publicly provided in the connected documents. The SUSE advisories mention the CVE but do not supply affected products/versions or root-cause details. Monitor for updates.
CVE-2024-13484
A flaw was found in ArgoCD. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wi...
PT-2025-2188
Name of the Vulnerable Software and Affected Versions openshift-gitops-operator-container affected versions not specified ArgoCD affected versions not specified Description A flaw was found in the software, allowing a namespace to create a rogue PrometheusRule when the...