Lucene search
Veracode Vulnerability DatabaseVERACODE:39061HistoryJan 31, 2023 - 3:07 a.m.
Authorization Bypass
2023-01-3103:07:46
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
vulnerability
authorization bypass
argo-cd
0.001 Low
EPSS
Percentile
38.3%
github.com/argoproj/argo-cd is vulnerable to Authorization Bypass. The vulnerability exists due to the canProcessApp function in appcontroller.go, which permits a remote authenticated user to deploy applications outside of the intended namespace when sharding is enabled on the application controller because the it doesn’t enforce the comma-delimited list of glob patterns when reconciling Applications.
Related
prion
prion
Authorization
2023-01-26 21:18:00
hackerone
hackerone
osv
osv
CVE-2023-22736
2023-01-26 21:18:13
cvelist
cvelist
nvd
nvd
CVE-2023-22736
2023-01-26 21:18:13
cve
cve
CVE-2023-22736
2023-01-26 21:18:13
redhatcve
redhatcve
CVE-2023-22736
2023-01-25 19:05:58
github
github
wallarmlab
wallarmlab
Octopus Strike! Three Argo CD API Exploits In Two Weeks
2023-02-11 16:07:05
redhat
redhat
(RHSA-2023:0467) Important: Red Hat OpenShift GitOps security update
2023-01-25 20:30:21