The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4004 advisory. - The payload length in a WebSocket frame was not co ...
Continue ReadingSeptember 10, 2023
The vulnerability is that web terminal sessions do not expire, even if the argocd's web session has expired. Step 1: Log in to ArgoCD. Step 2: Open a web terminal session in ArgoCD, which is used to ...
Continue ReadingSeptember 09, 2023
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting from version 2.6.0 have a bug where open web terminal sessions do not expire. This bug allows ...
Continue ReadingSeptember 07, 2023
The version of Wireshark installed on the remote Windows host is prior to 4.0.8. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.0.8 advisory. - Multiple inte ...
Continue ReadingSeptember 05, 2023
This is the libwebsockets C library for lightweight websocket clients and servers.Read More ...
Continue ReadingSeptember 02, 2023
github.com/argoproj/argo-cd is vulnerable to Insufficient Session Expiration. The vulnerability exists because web terminal sessions in the library do not expire, which allows an attacker to send a we ...
Continue ReadingAugust 29, 2023
### Impact All versions of Argo CD starting from v2.6.0 have a bug where open web terminal sessions do not expire. This bug allows users to send any websocket messages even if the token has already ex ...
Continue ReadingAugust 23, 2023
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue ReadingAugust 23, 2023
Back to Main