Improper Authorization

github.com/redhat-developer/gitops-operator is vulnerable to improper authorization. The vulnerability is due to insufficient validation of ArgoCD Custom Resources created by namespace administrators, which allows an authenticated attacker to escalate privileges across namespaces and deploy...

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.17.4 security update

Important: Red Hat OpenShift GitOps v1.17.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8231 CVE-2025-47913 openshift-gitops-1/argocd-agent-rhel8: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS...

GO-2025-4242 OpenShift GitOps authenticated attackers can obtain cluster root access through forged ArgoCD custom resources in github.com/redhat-developer/gitops-operator

OpenShift GitOps authenticated attackers can obtain cluster root access through forged ArgoCD custom resources in github.com/redhat-developer/gitops-operator...

EUVD-2025-0134

Malicious code in bioql PyPI...

PT-2025-2188 · Unknown +2 · Openshift-Gitops-Operator-Container +2

Name of the Vulnerable Software and Affected Versions: openshift-gitops-operator-container affected versions not specified ArgoCD affected versions not specified Description: A flaw was found in the software, allowing a namespace to create a rogue PrometheusRule when the...