RSS   Podatności dla 'Argo-cd'   RSS

2022-02-04
 
CVE-2022-24348

CWE-22
 

 
Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.

 
2021-03-15
 
CVE-2021-26924

CWE-79
 

 
An issue was discovered in Argo CD before 1.8.4. Browser XSS protection is not activated due to the missing XSS protection header.

 
 
CVE-2021-26923

CWE-287
 

 
An issue was discovered in Argo CD before 1.8.4. Accessing the endpoint /api/version leaks internal information for the system, and this endpoint is not protected with authentication.

 

 >>> Vendor: Linuxfoundation 31 Produkty
Foomatic
Cups-filters
XEN
Foomatic-filters
Open network operating system
RUNC
The update framework
DOJO
Dojox
Argo continuous delivery
CEPH
Free range routing
Jaeger
Osquery
Harbor
ACRN
Nats-server
Containerd
Spinnaker
DEX
Indy-node
BESU
Argo-cd
Umoci
Grpc swift
Cortex
Backstage
Open container initiative distribution specification
Open container initiative image format specification
Fabric
Auth backend


Copyright 2022, cxsecurity.com

 

Back to Top