6 matches found
Moderate: Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Red Hat OpenShift GitOps v1.16.2 release An update is now available for Red Hat OpenShift GitOps. Security Fixes: openshift-gitops-operator-container: Namespace Isolation Break gitops-1.16 Bug Fixes: Gitops operator is not accepting regular expression in sourceNamespaces - Application in...
CVE-2024-13484
creationtimestamp| type| source ---|---|--- 2025-01-28 17:58:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113907275874599319 2025-01-28 18:16:00+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgt2rpizkh2c 2025-01-28 20:49:39+00:00| seen|...
CVE-2024-13484 Openshift-gitops-operator-container: namespace isolation break
A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...
CVE-2024-13484 Openshift-gitops-operator-container: namespace isolation break
A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...
CVE-2024-13484
Technical details for CVE-2024-13484 are not publicly provided in the connected documents. The SUSE advisories mention the CVE but do not supply affected products/versions or root-cause details. Monitor for updates.
CVE-2024-13484
A flaw was found in ArgoCD. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wi...