Lucene search

350 matches found

RedHat Linux
added 2025/05/28 8:39 p.m., 12 views

Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.14.4 security update

Errata Advisory for Red Hat OpenShift GitOps v1.14.4 security update. Errata Advisory for Red Hat OpenShift GitOps v1.14.4 security release. Security Fixes: openshift-gitops-argocd-container: Improper URL Sanitization in Argo CD Repository Page Allows Cross-Site Scripting XSS gitops-1.14...

CVSS 9, AI score 7.1, EPSS 0.69905
Exploits 2, References 2
RedHat Linux
added 2025/05/28 4:54 p.m., 16 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps 1.16.1 security release

Errata advisory for Red Hat OpenShift GitOps 1.16.1 security release. The Red Hat OpenShift GitOps 1.16.1 release provides security updates to the Argo CD CLI, Argo Rollouts CLI and MicroShift GitOps. Security Fixes: openshift-gitops-1/argocd-rhel9: Improper URL Sanitization in Argo CD Repository...

CVSS 9, AI score 7.6, EPSS 0.00067
Exploits 0, References 2
Tenable Nessus
added 2025/05/28 12:0 a.m., 6 views

RHEL 8 / 9 : Red Hat OpenShift GitOps 1.16.1 security (Important) (RHSA-2025:8269)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:8269 advisory. The Red Hat OpenShift GitOps 1.16.1 release provides security updates to the Argo CD CLI, Argo Rollouts CLI and MicroShift GitOps. Security Fixes...

CVSS 9, AI score 8.5, EPSS 0.00067
Exploits 0, References 4
RedhatCVE
added 2025/05/23 3:55 a.m., 4 views

CVE-2023-34236

Weave GitOps Terraform Controller aka Weave TF-controller is a controller for Flux to reconcile Terraform resources in a GitOps way. A vulnerability has been identified in Weave GitOps Terraform Controller which could allow an authenticated remote attacker to view sensitive information. This...

CVSS 8.5, AI score 6.6, EPSS 0.00124
Exploits 1, References 1
RedhatCVE
added 2025/05/23 1:12 a.m., 5 views

CVE-2022-23508

Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. A vulnerability in GitOps run could allow a local user or process to alter a Kubernetes cluster's resources. GitOps run has a local S3 bucket which it uses...

CVSS 8.8, AI score 6.3, EPSS 0.00052
Exploits 0, References 1
RedHat Linux
added 2025/05/15 5:9 p.m., 19 views

Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.15.2 security update

Errata Advisory for Red Hat OpenShift GitOps 1.15.2 release Errata Advisory for Red Hat OpenShift GitOps 1.15.2 release Security Fixes: openshift-gitops-operator-container: Namespace Isolation Break gitops-1.15 openshift-gitops-argocd-container: Go JOSE's Parsing Vulnerable to Denial of Service...

CVSS 8.7, AI score 7, EPSS 0.69905
Exploits 2, References 7
RedHat Linux
added 2025/02/26 7:14 p.m., 10 views

Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.15.1 security update

An update is now available for Red Hat OpenShift GitOps v1.15.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVSS 9.8, AI score 7, EPSS 0.03834
Exploits 0, References 8
SUSE CVE
added 2025/02/06 3:48 a.m., 1 views

SUSE CVE-2025-23216

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was discovered in Argo CD that exposed secret values in error messages and the diff view when an invalid Kubernetes Secret resource was synced from a repository. The vulnerability assumes the user has write...

CVSS 6.8, AI score 6.7, EPSS 0.00156
Exploits 0, References 3
SUSE CVE
added 2025/02/05 4:3 a.m., 1 views

SUSE CVE-2024-13484

A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...

CVSS 8.2, AI score 6.6, EPSS 0.00028
Exploits 0, References 3
OSV
added 2025/02/04 10:6 p.m., 8 views

GO-2025-3437 Argo CD GitOps Engine does not scrub secret values from patch errors in github.com/argoproj/gitops-engine

Argo CD GitOps Engine does not scrub secret values from patch errors in github.com/argoproj/gitops-engine. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

AI score 6.8
Exploits 0, References 4
Cvelist
added 2025/01/30 3:30 p.m., 9 views

CVE-2025-23216 Argo CD does not scrub secret values from patch errors

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was discovered in Argo CD that exposed secret values in error messages and the diff view when an invalid Kubernetes Secret resource was synced from a repository. The vulnerability assumes the user has write...

CVSS 6.8, EPSS 0.00156
Exploits 0, References 3
CNNVD
added 2025/01/30 12:0 a.m., 3 views

Argo CD Security Vulnerability

Argo CD is an Argo open source declarative GitOps continuous delivery tool for Kubernetes. A security vulnerability exists in Argo CD that stems from exposing secret values in error messages and diff views when synchronizing invalid Kubernetes Secret resources from a repository...

CVSS 6.8, AI score 6.5, EPSS 0.00156
Exploits 0, References 3
Vulnrichment
added 2025/01/28 5:54 p.m., 3 views

CVE-2024-13484 Openshift-gitops-operator-container: namespace isolation break

A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...

CVSS 8.2, AI score 8, EPSS 0.00028
Exploits 0, References 5
Positive Technologies
added 2025/01/28 12:0 a.m., 2 views

PT-2025-2188 · Unknown +2 · Openshift-Gitops-Operator-Container +2

Name of the Vulnerable Software and Affected Versions: openshift-gitops-operator-container affected versions not specified ArgoCD affected versions not specified Description: A flaw was found in the software, allowing a namespace to create a rogue PrometheusRule when the...

CVSS 10, AI score 7, EPSS 0.51816
Exploits 4, References 89
RedHat Linux
added 2024/12/12 2:32 p.m., 7 views

Important: Red Hat Enhancement Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.15.0

Errata Advisory for Red Hat OpenShift GitOps v1.15.0. In the upcoming release of Red Hat OpenShift GitOps 1.15, several key components are being upgraded to enhance functionality and performance...

CVSS 7.5, AI score 6.6, EPSS 0.00028
Exploits 1, References 17
RedHat Linux
added 2024/10/30 6:18 p.m., 23 views

Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.6 security update

An update is now available for Red Hat OpenShift GitOps v1.12.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVSS 7.5, AI score 7.2, EPSS 0.01387
Exploits 2, References 2
RedHat Linux
added 2024/10/29 7:12 p.m., 25 views

Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.13.2 security update

An update is now available for Red Hat OpenShift GitOps v1.13.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVSS 7.5, AI score 7.2, EPSS 0.01387
Exploits 2, References 6
OSV
added 2024/10/02 11:33 a.m., 26 views

RHSA-2023:7344 Red Hat Security Advisory: openshift-gitops-kam security update

Bulletin has no description...

CVSS 7.5, AI score 8.5, EPSS 0.944
Exploits 19, References 18
OSV
added 2024/10/02 11:29 a.m., 26 views

RHSA-2023:6243 Red Hat Security Advisory: openshift-gitops-kam security update

Bulletin has no description...

CVSS 7.5, AI score 8.5, EPSS 0.944
Exploits 19, References 12
OSV
added 2024/10/01 11:27 p.m., 28 views

RHSA-2023:6782 Red Hat Security Advisory: openshift-gitops-kam security update

Bulletin has no description...

CVSS 7.5, AI score 8.5, EPSS 0.944
Exploits 19, References 18