89 matches found
CVE-2026-14251
A flaw was found in the OpenShift GitOps operator. The ClusterRole reconciler does not validate resource ownership when reconciling ClusterRole objects. A namespace-scoped Argo CD instance can trigger deletion of a ClusterRole owned by a cluster-scoped Argo CD instance by crafting a name collisio...
EUVD-2026-44596
A flaw was found in the OpenShift GitOps operator. The ClusterRole reconciler does not validate resource ownership when reconciling ClusterRole objects. A namespace-scoped Argo CD instance can trigger deletion of a ClusterRole owned by a cluster-scoped Argo CD instance by crafting a name collisio...
CVE-2026-14251
A flaw was found in the OpenShift GitOps operator. The ClusterRole reconciler does not validate resource ownership when reconciling ClusterRole objects. A namespace-scoped Argo CD instance can trigger deletion of a ClusterRole owned by a cluster-scoped Argo CD instance by crafting a name collisio...
EUVD-2026-43648
A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.5 security update
Important: Red Hat OpenShift GitOps v1.19.5 security update An update is now available for Red Hat OpenShift GitOps...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.21.1 security update
Important: Red Hat OpenShift GitOps v1.21.1 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-10083 RC 1.21.0-7: Missing permission for web-based terminal in Argocd UI GITOPS-10178 OpenShift GitOps operator v1.21.0 breaks Redis-HA...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.5 security update
Important: Red Hat OpenShift GitOps v1.20.5 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-9568 GitOps operator propagates argo CD tracking annotations to dynamic roleBindings GITOPS-9971 Image Updater Self-hosted Quay images redirect t...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.6 security update
Important: Red Hat OpenShift GitOps v1.18.6 security update An update is now available for Red Hat OpenShift GitOps...
Important: Red Hat Bug Fix Advisory: Red Hat OpenShift GitOps v1.20.3 bug fix and enhancement update
Red Hat OpenShift GitOps v1.20.3 bug fix and enhancement update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-9699 CVE-2026-42880 Kubernetes Secret Extraction via ArgoCD ServerSideDiff gitops-1.20...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.2 security update
Important: Red Hat OpenShift GitOps v1.20.2 security update An update is now available for Red Hat OpenShift GitOps...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.3 security update
Important: Red Hat OpenShift GitOps v1.19.3 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-9158 OpenShift Gitops Operator v1.19.2 has hardcoded pod-security labels which conflict OCP = 4.16 GITOPS-9587 multiple CVEs in ose-kube-rbac-pro...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.5 security update
Important: Red Hat OpenShift GitOps v1.18.5 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-9158 OpenShift Gitops Operator v1.19.2 has hardcoded pod-security labels which conflict OCP = 4.16 GITOPS-9587 multiple CVEs in ose-kube-rbac-pro...
CVE-2026-6388
A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in a multi-tenant environment, to bypass namespace boundaries. By exploiting insufficient validation, the attacker can trigger unauthorized image updates ...
Red Hat OpenShift GitOps 安全漏洞
Red Hat OpenShift GitOps is an automated deployment service provided by the American company Red Hat. Red Hat OpenShift GitOps has a security vulnerability, which stems from insufficient validation. This vulnerability could allow attackers to bypass namespace boundaries, triggering cross-namespac...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.2 security update
Important: Red Hat OpenShift GitOps v1.19.2 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8874 CVE-2025-13465 openshift-gitops-1/console-plugin-rhel8: prototype pollution in .unset and .omit functions gitops-1.19 GITOPS-8993...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.4 security update
Important: Red Hat OpenShift GitOps v1.18.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8439 CVE-2025-12816 openshift-gitops-1/console-plugin-rhel8: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.17.5 security update
Important: Red Hat OpenShift GitOps v1.17.5 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8438 CVE-2025-12816 openshift-gitops-1/console-plugin-rhel8: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.1 security update
Important: Red Hat OpenShift GitOps v1.19.1 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8080 CVE-2025-58183 openshift-gitops-1/argocd-rhel8: Unbounded allocation when parsing GNU sparse map gitops-1.19 GITOPS-8083 CVE-2025-58183...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.17.4 security update
Important: Red Hat OpenShift GitOps v1.17.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8231 CVE-2025-47913 openshift-gitops-1/argocd-agent-rhel8: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.3 security update
Important: Red Hat OpenShift GitOps v1.18.3 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8239 CVE-2025-47913 openshift-gitops-1/gitops-rhel8: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS gitops-1.1...