Lucene search
K

7 matches found

RedHat Linux
RedHat Linux
added 2022/03/23 9:53 p.m.67 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.3 OpenShift GitOps v1.3.6 for OCP 4.7+ Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9CVSS6.6AI score0.01237EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/03/23 9:18 p.m.84 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.4 OpenShift GitOps v1.4.4 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9CVSS6.6AI score0.01237EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/03/23 9:17 p.m.60 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.3 OpenShift GitOps v1.3.5 for OCP 4.6 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9CVSS6.6AI score0.01237EPSS
Exploits1References4
NVD
NVD
added 2022/03/23 9:15 p.m.36 views

CVE-2022-24730

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 1.3.0 but before versions 2.1.11, 2.2.6, and 2.3.0 is vulnerable to a path traversal bug, compounded by an improper access control bug, allowing a malicious user with read-only repository acces...

7.7CVSS0.0086EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/03/23 8:50 p.m.8 views

CVE-2022-24730 Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 1.3.0 but before versions 2.1.11, 2.2.6, and 2.3.0 is vulnerable to a path traversal bug, compounded by an improper access control bug, allowing a malicious user with read-only repository acces...

7.7CVSS7.4AI score0.0086EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/23 8:50 p.m.37 views

CVE-2022-24730 Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 1.3.0 but before versions 2.1.11, 2.2.6, and 2.3.0 is vulnerable to a path traversal bug, compounded by an improper access control bug, allowing a malicious user with read-only repository acces...

7.7CVSS7.6AI score0.0086EPSS
Exploits0References1
CVE
CVE
added 2022/03/23 8:50 p.m.186 views

CVE-2022-24730

Summary of CVE-2022-24730 (Argo CD) : A path traversal combined with improper access control affects Argo CD versions before 2.1.11, 2.2.6, and 2.3.0. A user with read-only repository access and appropriate repository grant (e.g., get on a repo containing a Helm chart) can craft a request to /api...

7.7CVSS6.8AI score0.0086EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder