CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

350 matches found

RedHat Linux•added 2023/09/29 2:15 p.m.•33 views

Moderate: Red Hat Security Advisory: openshift-gitops-kam security update

An update for openshift-gitops-kam is now available for Red Hat OpenShift GitOps 1.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.6AI score0.0018EPSS

Exploits1References2

RedHat Linux•added 2023/09/08 1:9 p.m.•81 views

Critical: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

9.9CVSS6.8AI score0.00919EPSS

Exploits1References3

RedHat Linux•added 2023/09/08 1:0 p.m.•54 views

Critical: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.9. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

9.9CVSS6.8AI score0.00919EPSS

Exploits1References3

RedhatCVE•added 2023/09/07 7:42 p.m.•87 views

CVE-2023-40029

A flaw was found in the ArgoCD package, used by Red Hat GitOps, that allows cluster secrets to be managed declaratively using the kubectl apply functionality, resulting in the full secret body being stored in kubectl.kubernetes.io/last-applied-configuration annotation. Since ArgoCD has included t...

9.9CVSS9.3AI score0.00919EPSS

Exploits1References4

CVE•added 2023/08/23 7:12 p.m.•61 views

CVE-2023-40025

CVE-2023-40025 affects Argo CD where open web terminal sessions do not expire, allowing WebSocket messages after token expiry and potential viewing of sensitive information. Technical details across connected documents confirm the issue is tied to the web terminal feature, with remediation delive...

7.1CVSS5.6AI score0.00219EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/08/23 7:12 p.m.•15 views

CVE-2023-40025 Argo CD web terminal session doesn't expire

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting from version 2.6.0 have a bug where open web terminal sessions do not expire. This bug allows users to send any websocket messages even if the token has already expired. The most...

4.7CVSS7AI score0.00219EPSS

Exploits1References2

NVD•added 2023/07/14 10:15 p.m.•6 views

CVE-2023-34236

Weave GitOps Terraform Controller aka Weave TF-controller is a controller for Flux to reconcile Terraform resources in a GitOps way. A vulnerability has been identified in Weave GitOps Terraform Controller which could allow an authenticated remote attacker to view sensitive information. This...

8.5CVSS0.00124EPSS

Exploits1References7

OSV•added 2023/07/14 9:52 p.m.•28 views

GHSA-6HVV-J432-23CV Weave GitOps Terraform Controller Information Disclosure Vulnerability

Impact A vulnerability has been identified in Weave GitOps Terraform Controller which could allow an authenticated remote attacker to view sensitive information. This vulnerability stems from Weave GitOps Terraform Runners tf-runner, where sensitive data is inadvertently printed - potentially...

8.5CVSS7.3AI score0.00124EPSS

Exploits1References9

Github Security Blog•added 2023/07/14 9:52 p.m.•24 views

Weave GitOps Terraform Controller Information Disclosure Vulnerability

8.5CVSS6.7AI score0.00124EPSS

Exploits1References9Affected Software1

Cvelist•added 2023/07/14 9:9 p.m.•17 views

CVE-2023-34236 Information Disclosure Vulnerability in Weave GitOps Terraform Controller

8.5CVSS8.7AI score0.00124EPSS

Exploits1References7

CVE•added 2023/07/14 9:9 p.m.•47 views

CVE-2023-34236

The CVE-2023-34236 disclosure affects Weave GitOps Terraform Controller (tf-controller) via the tf-runner component. The vulnerability arises when tfexec.ShowPlan, tfexec.ShowPlanRaw, or tfexec.Output print sensitive data to standard output/error because Stdout/Stderr are bound to os.Stdout/os.St...

8.5CVSS7.3AI score0.00124EPSS

Exploits1References7Affected Software1

Vulnrichment•added 2023/07/14 9:9 p.m.•9 views

CVE-2023-34236 Information Disclosure Vulnerability in Weave GitOps Terraform Controller

8.5CVSS6.6AI score0.00124EPSS

Exploits1References7

OSV•added 2023/07/14 9:9 p.m.•9 views

CVE-2023-34236 Information Disclosure Vulnerability in Weave GitOps Terraform Controller

8.5CVSS6.9AI score0.00124EPSS

Exploits1References9

CNNVD•added 2023/07/14 12:0 a.m.•1 views

Weave GitOps 信息泄露漏洞

Weaveworks Weave GitOps is a simple open source developer platform from Weaveworks UK. An information disclosure vulnerability exists in Weave GitOps Terraform Controller Weave TF-controller v0.14.3 and earlier, v0.15.0-rc.4 and earlier, which originates in Weave GitOps Terraform Runners tf-...

8.5CVSS7.2AI score0.00124EPSS

Exploits1References8

Positive Technologies•added 2023/07/14 12:0 a.m.•1 views

PT-2023-24760 · Weave · Weave Gitops Terraform Controller

Name of the Vulnerable Software and Affected Versions: Weave GitOps Terraform Controller versions prior to v0.14.4 Weave GitOps Terraform Controller versions prior to v0.15.0-rc.5 Description: A vulnerability has been identified in Weave GitOps Terraform Controller which could allow an...

8.5CVSS7.2AI score0.00124EPSS

Exploits1References14

RedHat Linux•added 2023/06/09 7:47 p.m.•51 views

Important: Red Hat Security Advisory: openshift-gitops-kam security update

An update for openshift-gitops-kam is now available for Red Hat OpenShift GitOps 1.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.3CVSS7.4AI score0.00963EPSS

Exploits1References3

RedHat Linux•added 2023/05/18 3:55 p.m.•32 views

Important: Red Hat Security Advisory: openshift-gitops-kam security update

An update for openshift-gitops-kam is now available for Red Hat OpenShift GitOps 1.8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.3CVSS7.4AI score0.00963EPSS

Exploits1References3

RedHat Linux•added 2023/03/23 7:11 p.m.•106 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

4.3CVSS5.8AI score0.01127EPSS

Exploits0References2

RedHat Linux•added 2023/03/23 6:46 p.m.•40 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

4.3CVSS5.8AI score0.01127EPSS

Exploits0References2

RedHat Linux•added 2023/03/23 6:40 p.m.•33 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

4.3CVSS5.8AI score0.01127EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by