exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 3

CVE-2024-31990

почти 2 года назад

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The API server does not enforce project sourceNamespaces which allows attackers to use the UI to edit resources which should only be mutable via gitops. This vulenrability is fixed in 2.10.7, 2.9.12, and 2.8.16.

CVSS3: 4.8

EPSS: Низкий

CVE-2024-31990

почти 2 года назад

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The API server does not enforce project sourceNamespaces which allows attackers to use the UI to edit resources which should only be mutable via gitops. This vulenrability is fixed in 2.10.7, 2.9.12, and 2.8.16.

CVSS3: 4.8

EPSS: Низкий

GHSA-2gvw-w6fj-7m3c

почти 2 года назад

Argo CD's API server does not enforce project sourceNamespaces

CVSS3: 4.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-31990 Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The API server does not enforce project sourceNamespaces which allows attackers to use the UI to edit resources which should only be mutable via gitops. This vulenrability is fixed in 2.10.7, 2.9.12, and 2.8.16.	CVSS3: 4.8	0% Низкий	почти 2 года назад
CVE-2024-31990 Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The API server does not enforce project sourceNamespaces which allows attackers to use the UI to edit resources which should only be mutable via gitops. This vulenrability is fixed in 2.10.7, 2.9.12, and 2.8.16.	CVSS3: 4.8	0% Низкий	почти 2 года назад
GHSA-2gvw-w6fj-7m3c Argo CD's API server does not enforce project sourceNamespaces	CVSS3: 4.8	0% Низкий	почти 2 года назад

Уязвимостей на страницу