RHSA-2022:4692HighCVSS 10.0

Red Hat Security Advisory: Red Hat OpenShift GitOps security update

Published
May 18, 2022
Last Modified
June 26, 2026

🔗 CVE IDs covered (3)

📋 Description

CVE-2022-24904 — argocd: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server CVE-2022-24905 — argocd: Login screen allows message spoofing if SSO is enabled CVE-2022-29165 — argocd: ArgoCD will blindly trust JWT claims if anonymous access is enabled

🔗 References (6)