User Impersonation Via Anonymous Access

github.com/argoproj/argo-cd is vulnerable to user impersonation. An attacker is able to send an invalid JSON Web Token (JWT) along with a request if anonymous access to the Argo CD instance is enabled ...

Continue Reading
CVE-2022-29165

A flaw was found in the ArgoCD component of Red Hat GitOps, where an unauthenticated attacker can craft a malicious JWT token while ArgoCD's anonymous access is enabled and gains full access to the Ar ...

Continue Reading
(RHSA-2022:4692) Important: Red Hat OpenShift GitOps security update

Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Security Fix(es): * argocd: ArgoCD will blindly trust JWT claims if anonymous access is ...

Continue Reading
(RHSA-2022:4691) Important: Red Hat OpenShift GitOps security update

Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Security Fix(es): * argocd: ArgoCD will blindly trust JWT claims if anonymous access is ...

Continue Reading

Back to Main

Subscribe for the latest news:
Generated by Feedzy