Lucene search
+L

169 matches found

Chainguard
Chainguard
added 2025/05/29 7:15 p.m.5 views

GHSA-2HJ5-G64G-FP6P vulnerabilities

Vulnerabilities for packages: argocd-image-updater-fips, argo-cd, argocd-image-updater...

5.3AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2025/04/18 12:0 a.m.8 views

argocd-cli-2.14.10-1.1 on GA media (moderate)

argocd-cli-2.14.10-1.1 on GA media Announcement ID: openSUSE-SU-2025:15006-1 Rating: moderate Cross-References: CVE-2025-29786 CVSS scores: CVE-2025-29786 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-29786 SUSE : 8.2...

8.2CVSS7.3AI score0.00577EPSS
Exploits0
OSV
OSV
added 2025/04/17 12:0 a.m.6 views

OPENSUSE-SU-2025:15006-1 argocd-cli-2.14.10-1.1 on GA media

These are all security issues fixed in the argocd-cli-2.14.10-1.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS8.3AI score0.00577EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2025/03/26 12:0 a.m.2 views

argocd-cli-2.14.8-1.1 on GA media (moderate)

argocd-cli-2.14.8-1.1 on GA media Announcement ID: openSUSE-SU-2025:14921-1 Rating: moderate Cross-References: CVE-2025-26791 CVSS scores: CVE-2025-26791 SUSE : 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2025-26791 SUSE : 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA...

4.2CVSS7.3AI score0.00583EPSS
Exploits1
OSV
OSV
added 2025/03/25 12:0 a.m.8 views

OPENSUSE-SU-2025:14921-1 argocd-cli-2.14.8-1.1 on GA media

These are all security issues fixed in the argocd-cli-2.14.8-1.1 package on the GA media of openSUSE Tumbleweed...

6.1CVSS6.8AI score0.00583EPSS
Exploits1References2
Wolfi
Wolfi
added 2025/03/22 4:43 p.m.52 views

CVE-2025-30204 vulnerabilities

Vulnerabilities for packages: grafana-alloy, amazon-cloudwatch-agent, flux-notification-controller, flux-image-reflector-controller, chartmuseum, argocd-image-updater, terraform, terraform-provider-azurerm, opencost, crossplane-provider-azure-storage, scorecard, rancher, octo-sts, op-geth,...

7.5CVSS6.5AI score0.00693EPSS
Exploits0
Chainguard
Chainguard
added 2025/03/22 4:12 p.m.16 views

GHSA-MH63-6H87-95CP vulnerabilities

Vulnerabilities for packages: promxy, sqlexporter, kaniko, step-fips, harbor-fips, chartmuseum, harbor-registry-fips, kaniko-fips, agentbeat-fips, eksctl, grafana-alloy-fips, kubernetes-dashboard-auth-fips, nemo, octo-sts, opentelemetry-operator, zot, actions-runner-controller-fips,...

5.3AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/02/05 4:3 a.m.4 views

SUSE CVE-2024-13484

A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...

8.2CVSS6.6AI score0.00218EPSS
Exploits0References3
Veracode
Veracode
added 2025/01/31 10:30 a.m.8 views

Unauthorized Rule Injection

ArgoCD is vulnerable to unauthorized rule injection. The vulnerability is due to improper namespace isolation, as the openshift.io/cluster-monitoring label is automatically applied to all namespaces deploying an ArgoCD CR instance, allowing them to create unauthorized PrometheusRule objects...

8.2CVSS7AI score0.00218EPSS
Exploits0References6Affected Software1
Chainguard
Chainguard
added 2025/01/30 4:15 p.m.15 views

CVE-2025-23216 vulnerabilities

Vulnerabilities for packages: argocd-image-updater-fips, argocd-image-updater...

6.8CVSS6.7AI score0.00458EPSS
Exploits0
OSV
OSV
added 2025/01/29 12:1 a.m.18 views

GO-2025-3427 Malicious PrometheusRule creation to all namespaces that deploy a ArgoCD CR instance in github.com/redhat-developer/gitops-operator

Malicious PrometheusRule creation to all namespaces that deploy a ArgoCD CR instance in github.com/redhat-developer/gitops-operator...

8.2CVSS8AI score0.00218EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/01/28 6:31 p.m.16 views

OpenShift GitOps Operator Namespace Isolation Break

A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...

8.2CVSS7.9AI score0.00218EPSS
Exploits0References12Affected Software1
OSV
OSV
added 2025/01/28 6:31 p.m.8 views

GHSA-58FX-7V9Q-3G56 OpenShift GitOps Operator Namespace Isolation Break

A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...

8.2CVSS7.9AI score0.00218EPSS
Exploits0References12
NVD
NVD
added 2025/01/28 6:15 p.m.16 views

CVE-2024-13484

A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...

8.2CVSS0.00218EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/01/28 5:54 p.m.13 views

CVE-2024-13484 Openshift-gitops-operator-container: namespace isolation break

A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...

8.2CVSS0.00218EPSS
Exploits0References9
CVE
CVE
added 2025/01/28 5:54 p.m.142 views

CVE-2024-13484

Technical details for CVE-2024-13484 are not publicly provided in the connected documents. The SUSE advisories mention the CVE but do not supply affected products/versions or root-cause details. Monitor for updates.

8.2CVSS8AI score0.00218EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/01/28 5:52 p.m.5 views

CVE-2024-13484

A flaw was found in ArgoCD. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wi...

8.2CVSS8AI score0.00218EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/28 12:0 a.m.6 views

PT-2025-2188

Name of the Vulnerable Software and Affected Versions openshift-gitops-operator-container affected versions not specified ArgoCD affected versions not specified Description A flaw was found in the software, allowing a namespace to create a rogue PrometheusRule when the...

8.2CVSS7AI score0.00218EPSS
Exploits0References50
Chainguard
Chainguard
added 2025/01/06 5:15 p.m.21 views

CVE-2025-21613 vulnerabilities

Vulnerabilities for packages: packer, skaffold, kaniko, snyk-cli, grype, kaniko-fips, dagger, grafana-alloy-fips, nemo, tekton-pipelines, pulumi-language-yaml, datadog-agent-fips, zot, goreleaser, k9s, osv-scanner, kubevela, argo-events-fips, flux-kustomize-controller-fips, timoni, melange,...

9.8CVSS7.3AI score0.01261EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2024/09/30 12:0 a.m.4 views

argocd-cli-2.12.4-1.1 on GA media (moderate)

argocd-cli-2.12.4-1.1 on GA media Announcement ID: openSUSE-SU-2024:14374-1 Rating: moderate Cross-References: CVE-2024-45296 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

7.5CVSS7.8AI score0.00932EPSS
Exploits0
Rows per page
Query Builder