exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2022-24905

Status Candidate

Overview

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was found in Argo CD prior to versions 2.3.4, 2.2.9, and 2.1.15 that allows an attacker to spoof error messages on the login screen when single sign on (SSO) is enabled. In order to exploit this vulnerability, an attacker would have to trick the victim to visit a specially crafted URL which contains the message to be displayed. As far as the research of the Argo CD team concluded, it is not possible to specify any active content (e.g. Javascript) or other HTML fragments (e.g. clickable links) in the spoofed message. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. There are currently no known workarounds.

Related Files

Red Hat Security Advisory 2022-4671-01
Posted Jun 3, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4671-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-3634, CVE-2021-3737, CVE-2021-41617, CVE-2021-4189, CVE-2022-24904, CVE-2022-24905, CVE-2022-29165
SHA-256 | 1a7182c8803733e24a2f52a38dc6173bf272d5ad45772e1226fe7c4a018efefe
Red Hat Security Advisory 2022-4690-01
Posted May 19, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4690-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-25219, CVE-2021-3634, CVE-2021-3639, CVE-2021-3737, CVE-2021-41617, CVE-2021-4189, CVE-2022-0778, CVE-2022-1154, CVE-2022-1271, CVE-2022-24904, CVE-2022-24905, CVE-2022-29165
SHA-256 | 3bfe6b3b087ca42a19201811078371538ab2936796ff2422443605c3aef038d7
Red Hat Security Advisory 2022-4692-01
Posted May 19, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4692-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-3634, CVE-2021-3737, CVE-2021-41617, CVE-2021-4189, CVE-2022-24904, CVE-2022-24905, CVE-2022-29165
SHA-256 | ecf97b114c811de8b773415e31f85d2dbbd762da9a08556fc7bc868b0c83a9a5
Red Hat Security Advisory 2022-4691-01
Posted May 19, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4691-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-3634, CVE-2021-3737, CVE-2021-41617, CVE-2021-4189, CVE-2022-24904, CVE-2022-24905, CVE-2022-29165
SHA-256 | 6fe762e2616c6dacdada61a5ff131f5097db13088eef51a3811f2266f29dfb07
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close