CVE-2023-40025

A flaw was found in Argo CD. Affected versions of Argo CD have a bug where open web terminal sessions do not expire. This bug allows users to send WebSocket messages even if the token has expired. The ...

Mandrake spyware sneaks onto Google Play again, flying under the radar for two years

Introduction: In May 2020, Bitdefender released a white paper containing a detailed analysis of Mandrake, a sophisticated Android cyber-espionage platform, which had been active in the wild for at leas ...

SUSE SLES15 / openSUSE 15 Security Update : apache2 (SUSE-SU-2024:2597-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2597-1 advisory. - CVE-2024-36387: F ...

CVE-2024-41666

A vulnerability was found in ArgoCD's web-based terminal. This issue may allow a user to continue sending WebSocket messages and access sensitive information even after their p, role:myrole, exec ...

The Argo CD web terminal session does not handle the revocation of user permissions properly

Argo CD v2.11.3 and before, discovering that even if the user's p, role:myrole, exec, create, */*, allow permissions are revoked, the user can still send any WebSocket message, which allows the u ...

openSUSE: Security Advisory for python (SUSE-SU-2024:1639-2)

The remote host is missing an update for ...

CVE-2024-36387 Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2

Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading ...
