96 matches found
WordPress Kargo Takip plugin < 0.2.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Kargo Takip versions 0.2.4...
CVE-2026-32828
CVE-2026-32828 affects Kargo promotions: versions 1.4.0–1.6.3, 1.7.0-rc.1–1.7.8, 1.8.0-rc.1–1.8.11, and 1.9.0-rc.1–1.9.4 have HTTP/http-download promotion steps that allow SSRF against link-local addresses, notably 169.254.169.254, enabling exfiltration of sensitive data (e.g., IAM credentials) w...
CVE-2026-32828 Kargo: SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration
Kargo manages and automates the promotion of software artifacts. In versions 1.4.0 through 1.6.3, 1.7.0-rc.1 through 1.7.8, 1.8.0-rc.1 through 1.8.11, and 1.9.0-rc.1 through 1.9.4, the http and http-download promotion steps allow Server-Side Request Forgery SSRF against link-local addresses, most...
CVE-2026-32828 Kargo: SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration
Kargo manages and automates the promotion of software artifacts. In versions 1.4.0 through 1.6.3, 1.7.0-rc.1 through 1.7.8, 1.8.0-rc.1 through 1.8.11, and 1.9.0-rc.1 through 1.9.4, the http and http-download promotion steps allow Server-Side Request Forgery SSRF against link-local addresses, most...
kargo 代码问题漏洞
Kargo is an open-source continuous delivery tool developed by Akuity. Versions of Kargo prior to 1.6.3, 1.7.8 and earlier, 1.8.11 and earlier, as well as 1.9.4 and earlier, have code vulnerabilities. These vulnerabilities stem from server-side request forgery during the HTTP and http-download...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via httprequester.go and httpdownloader.go. An attacker can access internal network resources and exfiltrate sensitive data by crafting malicious promotion templates or Promotion resources that trigger...
Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration
Summary Kargo's built-in http and http-download promotion steps execute outbound HTTP requests from the Kargo controller. By design, these steps do not restrict destination addresses, as there are legitimate use cases for requests to internal and private endpoints. However, this also permits...
SUSE CVE-2026-27112
Kargo manages and automates the promotion of software artifacts. From 1.7.0 to before v1.7.8, v1.8.11, and v1.9.3, the batch resource creation endpoints of both Kargo's legacy gRPC API and newer REST API accept multi-document YAML payloads. Specially crafted payloads can manifest a bug present in...
GO-2026-4515 Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints in github.com/akuity/kargo
Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints in github.com/akuity/kargo...
GO-2026-4516 Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo
Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo...
CVE-2026-27112
Kargo manages and automates the promotion of software artifacts. From 1.7.0 to before v1.7.8, v1.8.11, and v1.9.3, the batch resource creation endpoints of both Kargo's legacy gRPC API and newer REST API accept multi-document YAML payloads. Specially crafted payloads can manifest a bug present in...
CVE-2026-27112
Kargo manages and automates the promotion of software artifacts. From 1.7.0 to before v1.7.8, v1.8.11, and v1.9.3, the batch resource creation endpoints of both Kargo's legacy gRPC API and newer REST API accept multi-document YAML payloads. Specially crafted payloads can manifest a bug present in...
CVE-2026-27112
CVE-2026-27112 affects Kargo’s batch resource creation endpoints (legacy gRPC and newer REST API). In versions 1.7.0–before 1.7.8, 1.8.11, and 1.9.3, the endpoints accept multi-document YAML payloads and contain a logic bug that can inject arbitrary resources into the underlying Kubernetes namesp...
CVE-2026-27112 Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints
Kargo manages and automates the promotion of software artifacts. From 1.7.0 to before v1.7.8, v1.8.11, and v1.9.3, the batch resource creation endpoints of both Kargo's legacy gRPC API and newer REST API accept multi-document YAML payloads. Specially crafted payloads can manifest a bug present in...
CVE-2026-27111 Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints
Kargo manages and automates the promotion of software artifacts. From v1.9.0 to v1.9.2, Kargo's authorization model includes a promote verb -- a non-standard Kubernetes "dolphin verb" -- that gates the ability to advance Freight through a promotion pipeline. This verb exists to separate the abili...
CVE-2026-27111
The CVE-2026-27111 issue affects Kargo v1.9.0–v1.9.2, where the REST API endpoints (/v1beta1/projects/{project}/freight/{freight}/approve, /v1beta1/projects/{project}/stages/{stage}/promotions, and /v1beta1/projects/{project}/stages/{stage}/promotions/downstream) fail to enforce the non-standard ...
CVE-2026-27111 Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints
Kargo manages and automates the promotion of software artifacts. From v1.9.0 to v1.9.2, Kargo's authorization model includes a promote verb -- a non-standard Kubernetes "dolphin verb" -- that gates the ability to advance Freight through a promotion pipeline. This verb exists to separate the abili...
kargo 安全漏洞
Kargo is an open-source continuous delivery tool developed by Akuity. Versions of Kargo from 1.7.0 to 1.7.8, as well as versions before 1.8.11 and 1.9.3, contain security vulnerabilities. These vulnerabilities stem from the batch resource creation endpoints accepting specially crafted YAML...
kargo 安全漏洞
Kargo is a continuous delivery tool developed by Akuity. Versions 1.9.0 to 1.9.2 of Kargo contain security vulnerabilities. These vulnerabilities stem from the lack of authorization checks for three endpoints in the REST API, which may lead to bypassing the intended authorization boundaries...
GHSA-7G9X-CP9G-92MR Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints
Summary The batch resource creation endpoints of both Kargo's legacy gRPC API and newer REST API accept multi-document YAML payloads. When either endpoint creates a Project resource, creation of subsequent resources from that same payload belonging in that Project's underlying Kubernetes namespac...