169 matches found
Argo CD Unauthenticated Access to sensitive setting
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The vulnerability allows unauthorized access to the sensitive settings exposed by /api/v1/settings endpoint without authentication. All sensitive settings are hidden except passwordPattern. id: CVE-2024-37152 info: name: Ar...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.21.1 security update
Important: Red Hat OpenShift GitOps v1.21.1 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-10083 RC 1.21.0-7: Missing permission for web-based terminal in Argocd UI GITOPS-10178 OpenShift GitOps operator v1.21.0 breaks Redis-HA...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: omnictl-multiarch-fips, kubernetes-dashboard, flux-source-controller, cert-manager, kube-arangodb-fips, trivy-fips, frankenphp-8.2, external-dns, drone-fips, omnictl-multiarch, nerdctl, traefik-fips, knative-serving-fips, prometheus-fips, kots, commercial-grafana,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: crossplane-provider-azure-servicenetworking, crossplane-provider-azure-authorization, chainctl-fips, omnictl-multiarch-fips, policy-controller, kubernetes-dashboard, flux-source-controller, sops, cert-manager, gomplate, kube-arangodb-fips, step-kms-plugin, trivy-fips...
GHSA-VGWF-H737-FF37 vulnerabilities
Vulnerabilities for packages: omnictl-multiarch-fips, chainctl-fips, kubernetes-dashboard, flux-source-controller, longhorn-manager-fips, cert-manager, gomplate, kube-arangodb-fips, trivy-fips, teleport-operator-fips, nuclei, frankenphp-8.2, mapotf-fips, splunk-otel-collector,...
GHSA-QPW4-5X99-6VJP vulnerabilities
Vulnerabilities for packages: omnictl-multiarch-fips, chainctl-fips, kubernetes-dashboard, flux-source-controller, longhorn-manager-fips, cert-manager, gomplate, kube-arangodb-fips, trivy-fips, teleport-operator-fips, nuclei, frankenphp-8.2, mapotf-fips, splunk-otel-collector,...
GHSA-89GR-R52H-F8RX vulnerabilities
Vulnerabilities for packages: crossplane-provider-azure-servicenetworking, crossplane-provider-azure-authorization, chainctl-fips, omnictl-multiarch-fips, policy-controller, kubernetes-dashboard, flux-source-controller, sops, cert-manager, gomplate, kube-arangodb-fips, step-kms-plugin, trivy-fips...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: omnictl-multiarch-fips, chainctl-fips, kubernetes-dashboard, flux-source-controller, cert-manager, gomplate, kube-arangodb-fips, trivy-fips, teleport-operator-fips, nuclei, frankenphp-8.2, mapotf-fips, splunk-otel-collector, external-dns, omnictl-multiarch, nerdctl,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: omnictl-multiarch-fips, kubernetes-dashboard, flux-source-controller, cert-manager, kube-arangodb-fips, trivy-fips, frankenphp-8.2, external-dns, drone-fips, omnictl-multiarch, nerdctl, traefik-fips, knative-serving-fips, prometheus-fips, kots, commercial-grafana,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: rancher-agent, crossplane-provider-azure-managedidentity, teleport, kubernetes, flux-kustomize-controller, steampipe, gomplate, k3s, osv-scanner, prometheus, eksctl, vitess, external-secrets-operator, step-kms-plugin, tekton-chains, syft, cluster-api-azure-controller...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: docker-machine-driver-linode, crossplane-provider-aws-firehose, rancher-agent, crossplane-provider-azure-managedidentity, teleport, crossplane-provider-aws-kms, kubernetes, flux-kustomize-controller, steampipe, gomplate, k3s, sealed-secrets, crossplane-provider-aws-s...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: spire-server, fscrypt, kubescape, loki, zarf, rancher-agent, argocd-image-updater, kubernetes, flux, rancher, k3s, flux-image-automation-controller, prometheus-operator, zot, mattermost, osv-scanner, prometheus, kubernetes-dashboard, snyk-cli, vitess, external-dns,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: spire-server, fscrypt, kubescape, act, loki, zarf, guac, argocd-image-updater, teleport, kubernetes, pulumi-language-yaml, podman, flux, dagger, gomplate, k3s, flux-image-automation-controller, prometheus-operator, zot, mattermost, opentofu, osv-scanner, prometheus,...
GO-2026-5099 ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction in github.com/argoproj/argo-cd
ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction in github.com/argoproj/argo-cd...
OPENSUSE-SU-2026:10888-1 argocd-cli-3.4.3-1.1 on GA media
These are all security issues fixed in the argocd-cli-3.4.3-1.1 package on the GA media of openSUSE Tumbleweed...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.4 security update
Important: Red Hat OpenShift GitOps v1.20.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions GITOPS-9549...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.4 security update
Important: Red Hat OpenShift GitOps v1.19.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions...
CVE-2026-45737 vulnerabilities
Vulnerabilities for packages: argocd-image-updater, argo-cd...
GHSA-RG3G-4RW9-GQRP vulnerabilities
Vulnerabilities for packages: argocd-image-updater, argo-cd...
CVE-2026-45738 vulnerabilities
Vulnerabilities for packages: argocd-image-updater, argo-cd...