CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
75.3%
Errata Advisory for Red Hat OpenShift GitOps v1.11.6
Security Fix(es):
openshift-gitops-argocd-container: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON gitops-1.11
openshift-gitops-argocd-container: helm: Missing YAML Content Leads To Panic gitops-1.11
openshift-gitops-argocd-container: helm: Dependency management path traversal gitops-1.11
Multiple CVEs in openshift-gitops-redis container
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.