Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.16.5 security update

Important: Red Hat OpenShift GitOps v1.16.5 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8116 CVE-2024-45338 openshift-gitops-dex-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html gitops-1.17 GITOPS-80...

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.17.3 security update

Important: Red Hat OpenShift GitOps v1.17.3 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8116 CVE-2024-45338 openshift-gitops-dex-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html gitops-1.17 GITOPS-76...

CVE-2025-13888 Openshift-gitops-operator: openshift gitops: namespace admin cluster takeover via privileged jobs

A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources CRs that trick the system into granting them elevated permissions in other namespaces, including privileged namespaces. An authenticated attacker can then use these elevated permissions to create privileged...

CVE-2025-13888

A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources CRs that trick the system into granting them elevated permissions in other namespaces, including privileged namespaces. An authenticated attacker can then use these elevated permissions to create privileged...

CVE-2025-13888 Openshift-gitops-operator: openshift gitops: namespace admin cluster takeover via privileged jobs

A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources CRs that trick the system into granting them elevated permissions in other namespaces, including privileged namespaces. An authenticated attacker can then use these elevated permissions to create privileged...

CVE-2025-13888

Summary: CVE-2025-13888 affects OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources (CRs) that abuse permissions to obtain elevated rights in other namespaces, enabling privileged workloads on master nodes and potential cluster-wide root access. The issue is corroborated by mult...

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.2 security update

Important: Red Hat OpenShift GitOps v1.18.2 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-7608 Redis HA pods are taking longer than expected to come up GITOPS-7789 Version override in ArgoCD CR causes operator to use upstream images...

PT-2025-51238

Name of the Vulnerable Software and Affected Versions OpenShift GitOps affected versions not specified Description A security issue exists in OpenShift GitOps where namespace administrators can create malicious ArgoCD Custom Resources CRs. These CRs can deceive the system into granting the...

Red Hat OpenShift GitOps 安全漏洞

Red Hat OpenShift GitOps is an automated deployment service from Red Hat USA. A security vulnerability exists in Red Hat OpenShift GitOps that stems from a namespace administrator being able to create an ArgoCD custom resource to gain privileges, potentially leading to full control of the cluster...

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.1 security update

Important: Red Hat OpenShift GitOps v1.18.1 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-7606 ApplicationSet: Bitbucket SCM/PR generator leaks HTTP connections GITOPS-7953 Default resource exclusions list not updated in ArgoCD CR...

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.16.4 security update

Important: Red Hat OpenShift GitOps v1.16.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-6703 After Upgrade to v.1.16 not able to add --metrics-application-labels in spec.controller.extraCommandArgs with multiple values GITOPS-7180...

EUVD-2024-1898

Malicious code in bioql PyPI...

EUVD-2022-38802

Malicious code in bioql PyPI...

EUVD-2024-2418

Malicious code in bioql PyPI...

EUVD-2023-0577

Malicious code in bioql PyPI...

EUVD-2024-1788

Malicious code in bioql PyPI...

EUVD-2022-6279

Malicious code in bioql PyPI...

EUVD-2024-0792

Malicious code in bioql PyPI...

EUVD-2022-38803

Malicious code in bioql PyPI...

EUVD-2025-0134

Malicious code in bioql PyPI...