10 matches found
Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.1 security update
An update is now available for Red Hat OpenShift GitOps v1.12.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Important: Red Hat Security Advisory: GitOps 1.12.1- Argo CD CLI and MicroShift GitOps security update
An update is now available for Red Hat OpenShift GitOps v1.12.1 for Argo CD CLI and MicroShift GitOps. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...
RHEL 8 / 9 : GitOps 1.12.1- Argo CD CLI and MicroShift GitOps (RHSA-2024:1752)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1752 advisory. Errata Advisory for Red Hat OpenShift GitOps v1.12.1- Argo CD CLI and MicroShift GitOps. Security Fixes: argo-cd: Denial of Service Due ...
Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.10.4 security update
An update is now available for Red Hat OpenShift GitOps v1.10.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
CVE-2023-50726
A flaw was found in the Argo CD package. An improper validation bug allows users to sync local manifests on app creation, who have create privileges but not override privileges. All other restrictions, including AppProject restrictions, are still enforced. The only restriction that is not enforce...
CVE-2023-50726
creationtimestamp| type| source ---|---|--- 2024-03-13 22:26:38+00:00| seen| https://t.me/ctinow/207221 2024-03-13 22:31:41+00:00| seen| https://t.me/ctinow/207239 2024-03-14 06:16:28+00:00| seen| https://t.me/ctinow/207493...
CVE-2023-50726 vulnerabilities
Vulnerabilities for packages: argo-cd, argo-cd-fips...
CVE-2023-50726 Users with `create` but not `override` privileges can perform local sync in argo-cd
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. "Local sync" is an Argo CD feature that allows developers to temporarily override an Application's manifests with locally-defined manifests. Use of the feature should generally be limited to highly-trusted users, since it...
CVE-2023-50726 Users with `create` but not `override` privileges can perform local sync in argo-cd
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. "Local sync" is an Argo CD feature that allows developers to temporarily override an Application's manifests with locally-defined manifests. Use of the feature should generally be limited to highly-trusted users, since it...
CVE-2023-50726
CVE-2023-50726 affects Argo CD’s Local Sync feature, which lets developers override an application's manifests with locally-defined ones. An improper validation bug allows users with create, but not override, privileges to sync local manifests during app creation, bypassing git/Helm/OCI source re...