CVE-2026-42350

Kargo manages and automates the promotion of software artifacts. Prior to versions 1.7.10, 1.8.13, 1.9.8, and 1.10.2, Kargo is vulnerable to open redirect in UI OIDC login flow via the redirectTo query parameter. This issue has been patched in versions 1.7.10, 1.8.13, 1.9.8, and 1.10.2...

kargo 输入验证错误漏洞

Kargo is an open-source continuous delivery tool developed by Akuity. Versions of Kargo prior to 1.7.10, 1.8.13, 1.9.8, and 1.10.2 contained a vulnerability related to input validation errors. This vulnerability stemmed from the open redirection present in the UI OIDC login process via the...