3 matches found
CVE-2026-42297 Argo Workflows Is Missing Authorization in Sync ConfigMap Provider
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to before version 4.0.5, the Sync Service's ConfigMap-backed provider server/sync/synccm.go performs zero authorization checks on all CRUD operations create, read,...
PT-2024-3042 · Fortinet · Fortisandbox
Name of the Vulnerable Software and Affected Versions: Fortinet FortiSandbox versions 4.0.0 through 4.0.4 Fortinet FortiSandbox versions 4.2.0 through 4.2.6 Fortinet FortiSandbox versions 4.4.0 through 4.4.3 Description: The issue exists due to improper neutralization of special elements used in ...
PT-2023-8743 · Mastodon · Mastodon
Name of the Vulnerable Software and Affected Versions: Mastodon versions 3.5.0 through 3.5.8 Mastodon versions 4.0.0 through 4.0.4 Mastodon versions 4.1.0 through 4.1.2 Description: The issue arises from a flaw in the media processing code, allowing attackers to create arbitrary files at any...