Lucene search
+L

7 matches found

RedHat Linux
RedHat Linux
added 2024/02/05 8:41 p.m.39 views

Critical: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps 1.10.2 security update

An update is now available for Red Hat OpenShift GitOps v1.10.2. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8CVSS6.7AI score0.01523EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/02/05 8:30 p.m.47 views

Critical: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.9.4 security update

An update is now available for Red Hat OpenShift GitOps v1.9.4. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8CVSS6.6AI score0.01523EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2024/01/19 7:1 a.m.40 views

CVE-2024-22424

A flaw was found in the Argo CD API before versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15. These versions are vulnerable to a Cross-server request forgery CSRF attack when the attacker can write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Arg...

8.3CVSS7AI score0.00386EPSS
Exploits1References6
Circl
Circl
added 2024/01/19 2:26 a.m.24 views

CVE-2024-22424

creationtimestamp| type| source ---|---|--- 2024-01-19 02:26:47+00:00| seen| https://t.me/ctinow/170038 2024-01-19 08:17:10+00:00| seen| https://t.me/ctinow/170097 2024-04-02 10:51:17+00:00| published-proof-of-concept| https://t.me/techb0ltGenona/4389...

8.3CVSS7.8AI score0.00386EPSS
Exploits1References3
Wolfi
Wolfi
added 2024/01/19 1:15 a.m.57 views

CVE-2024-22424 vulnerabilities

Vulnerabilities for packages: argo-cd...

8.3CVSS8.5AI score0.00386EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2024/01/19 12:25 a.m.8 views

CVE-2024-22424 Cross-Site Request Forgery (CSRF) in github.com/argoproj/argo-cd

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 are vulnerable to a cross-server request forgery CSRF attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo C...

8.3CVSS7AI score0.00386EPSS
Exploits1References3
CVE
CVE
added 2024/01/19 12:25 a.m.420 views

CVE-2024-22424

CVE-2024-22424 affects Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 (and related 2.7.16 per some advisories). The root cause is failure to validate that requests carry the correct content type, allowing bypass of browser CORS preflight checks and enabling CSRF via cross-origin...

8.3CVSS8.1AI score0.00386EPSS
Exploits1References3Affected Software2
Rows per page
Query Builder