5 matches found
Critical: Red Hat Security Advisory: Red Hat OpenShift GitOps security update
An update is now available for Red Hat OpenShift GitOps 1.8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...
CVE-2023-40029
creationtimestamp| type| source ---|---|--- 2023-09-08 02:19:34+00:00| seen| https://t.me/cibsecurity/70118 2025-01-25 10:00:05+00:00| published-proof-of-concept| Telegram/F-fOrjgp3Mr3VOE2BBhgFMlAqu7uJ17avQ8Wad5LrkBGLSw 2025-03-03 21:02:34+00:00| seen|...
CVE-2023-40029 Cluster secret might leak in cluster details page in Argo CD
Argo CD is a declarative continuous deployment for Kubernetes. Argo CD Cluster secrets might be managed declaratively using Argo CD / kubectl apply. As a result, the full secret body is stored inkubectl.kubernetes.io/last-applied-configuration annotation. pull request 7139 introduced the ability ...
CVE-2023-40029 Cluster secret might leak in cluster details page in Argo CD
Argo CD is a declarative continuous deployment for Kubernetes. Argo CD Cluster secrets might be managed declaratively using Argo CD / kubectl apply. As a result, the full secret body is stored inkubectl.kubernetes.io/last-applied-configuration annotation. pull request 7139 introduced the ability ...
CVE-2023-40029
Argo CD CVE-2023-40029 exploits leakage of full cluster secret bodies via kubectl.kubernetes.io/last-applied-configuration in cluster secrets. Affected by PR #7139; exposure occurs when clusters are stored as secrets and viewed through the API with clusters, get RBAC. Patches available in 2.8.3, ...