4 matches found
CVE-2022-31036
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v1.3.0 are vulnerable to a symlink following bug allowing a malicious user with repository write access to leak sensitive YAML files from Argo CD's repo-server. A malicious Argo CD user...
CVE-2022-31036
CVE-2022-31036 : Argo CD versions starting at v1.3.0 are vulnerable to a symlink-following bug in the repo-server, allowing a malicious user with repository write access to leak YAML files from other applications or secrets if the target is a valid YAML file. Patches exist in v2.4.1, v2.3.5, v2.2...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps security update
An update is now available for Red Hat OpenShift GitOps 1.3 on OpenShift 4.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps security update
An update is now available for Red Hat OpenShift GitOps 1.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...