4 matches found
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps security update
An update is now available for Red Hat OpenShift GitOps 1.4 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...
GHSA-63QX-X74G-JCR7 Path traversal and dereference of symlinks in Argo CD
Impact All versions of Argo CD are vulnerable to a path traversal bug that allows to pass arbitrary values files to be consumed by Helm charts. Additionally, it is possible to craft special Helm chart packages containing value files that are actually symbolic links, pointing to arbitrary files...
CVE-2022-24348
CVE-2022-24348 affects Argo CD prior to 2.1.9 and 2.2.x prior to 2.2.4 due to a path traversal in helmTemplate within repository.go. This weakness can allow an attacker with access to Helm charts to traverse directories and potentially read YAML files containing credentials, depending on chart co...
CVE-2022-24348
creationtimestamp| type| source ---|---|--- 2022-02-04 19:47:38+00:00| seen| https://t.me/cibsecurity/36862 2022-02-05 00:31:17+00:00| seen| https://t.me/cibsecurity/36888 2022-02-06 06:49:12+00:00| exploited| https://t.me/thehackernews/1860 2022-02-06 14:46:31+00:00| seen| https://t.me/cKure/871...