169 matches found
CVE-2025-13888
Summary: CVE-2025-13888 affects OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources (CRs) that abuse permissions to obtain elevated rights in other namespaces, enabling privileged workloads on master nodes and potential cluster-wide root access. The issue is corroborated by mult...
CVE-2025-13888 Openshift-gitops-operator: openshift gitops: namespace admin cluster takeover via privileged jobs
A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources CRs that trick the system into granting them elevated permissions in other namespaces, including privileged namespaces. An authenticated attacker can then use these elevated permissions to create privileged...
CVE-2025-13888 Openshift-gitops-operator: openshift gitops: namespace admin cluster takeover via privileged jobs
A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources CRs that trick the system into granting them elevated permissions in other namespaces, including privileged namespaces. An authenticated attacker can then use these elevated permissions to create privileged...
CVE-2025-13888
A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources CRs that trick the system into granting them elevated permissions in other namespaces, including privileged namespaces. An authenticated attacker can then use these elevated permissions to create privileged...
CVE-2025-61729 vulnerabilities
Vulnerabilities for packages: newrelic-prometheus-configurator, gitaly, terraform-provider-tls, k8sgpt-operator, opensearch-k8s-operator, kubescape, nri-jmx, kuma, dask-gateway, apache-exporter, kubernetes-replicator, http-echo, nri-cassandra, q, kube-logging-operator, aws-privateca-issuer,...
Denial-of-service (DoS)
github.com/argoproj/argo-cd is vulnerable to a denial-of-service DoS. The vulnerability is due to Argo CD’s /api/webhook endpoint accessing an array index without validating its length, which allows an attacker to crash the argocd-server process using a single unauthenticated HTTP POST with an...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.17.2 security update
Important: Red Hat OpenShift GitOps v1.17.2 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-7180: Redis HA Proxy pod fails to start with Security Context error GITOPS-7331: operator controller logs error when console link is disabled...
EUVD-2021-26868
Malware in sbrugna...
BIT-ARGO-CD-2025-59531 Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0 through 2.14.19, 3.0.0 through 3.2.0, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. Without a...
EUVD-2025-31767
Malicious code in bioql PyPI...
CVE-2025-59538 Argo CD is Vulnerable to Unauthenticated Remote DoS via malformed Azure DevOps git.push webhook
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoi...
Improper Check or Handling of Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check or Handling of Exceptional Conditions in the /api/webhook endpoint. An attacker can cause the server process to crash by sending an Azure DevOps Push event with an empty resource.refUpdates array. Note: This is only...
PT-2025-40057
Name of the Vulnerable Software and Affected Versions Argo CD versions 2.9.0-rc1 through 2.14.19 Argo CD versions 3.0.0-rc1 through 3.2.0-rc1 Argo CD version 3.1.6 Argo CD version 3.0.17 Description Argo CD, a declarative GitOps continuous delivery tool for Kubernetes, is susceptible to a...
GHSA-786Q-9HCG-V9FF vulnerabilities
Vulnerabilities for packages: argocd-image-updater...
CVE-2025-55190 vulnerabilities
Vulnerabilities for packages: argocd-image-updater...
CVE-2025-55190 vulnerabilities
Vulnerabilities for packages: argocd-image-updater, argo-cd-fips, argo-cd, argocd-image-updater-fips...
GHSA-786Q-9HCG-V9FF vulnerabilities
Vulnerabilities for packages: argocd-image-updater, argo-cd-fips, argo-cd, argocd-image-updater-fips...
CVE-2025-47933 vulnerabilities
Vulnerabilities for packages: argocd-image-updater...
GHSA-2HJ5-G64G-FP6P vulnerabilities
Vulnerabilities for packages: argocd-image-updater...
CVE-2025-47933 vulnerabilities
Vulnerabilities for packages: argocd-image-updater, argocd-image-updater-fips, argo-cd...