Vulnerability Database
Blog
FAQ
Docs
RHSA-2024:1752
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2024:1752
Import Source
https://security.access.redhat.com/data/osv/RHSA-2024:1752.json
JSON Data
https://api.test.osv.dev/v1/vulns/RHSA-2024:1752
Related
CVE-2023-50726
CVE-2024-21652
CVE-2024-21661
CVE-2024-21662
CVE-2024-29893
Published
2024-09-23T08:36:52Z
Modified
2024-11-24T15:00:26Z
Severity
7.5 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: GitOps 1.12.1- Argo CD CLI and MicroShift GitOps security update
Details
References
https://access.redhat.com/errata/RHSA-2024:1752
https://access.redhat.com/security/updates/classification/#important
https://docs.openshift.com/gitops/latest/understanding_openshift_gitops/about-redhat-openshift-gitops.html
https://bugzilla.redhat.com/show_bug.cgi?id=2269479
https://bugzilla.redhat.com/show_bug.cgi?id=2270170
https://bugzilla.redhat.com/show_bug.cgi?id=2270173
https://bugzilla.redhat.com/show_bug.cgi?id=2270182
https://bugzilla.redhat.com/show_bug.cgi?id=2272211
https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1752.json
https://access.redhat.com/security/cve/CVE-2023-50726
https://www.cve.org/CVERecord?id=CVE-2023-50726
https://nvd.nist.gov/vuln/detail/CVE-2023-50726
https://argo-cd.readthedocs.io/en/latest/operator-manual/rbac
https://github.com/argoproj/argo-cd/commit/3b8f673f06c2d228e01cbc830e5cb57cef008978
https://github.com/argoproj/argo-cd/security/advisories/GHSA-g623-jcgg-mhmm
https://access.redhat.com/security/cve/CVE-2024-21652
https://www.cve.org/CVERecord?id=CVE-2024-21652
https://nvd.nist.gov/vuln/detail/CVE-2024-21652
https://github.com/argoproj/argo-cd/security/advisories/GHSA-x32m-mvfj-52xv
https://access.redhat.com/security/cve/CVE-2024-21661
https://www.cve.org/CVERecord?id=CVE-2024-21661
https://nvd.nist.gov/vuln/detail/CVE-2024-21661
https://github.com/argoproj/argo-cd/security/advisories/GHSA-6v85-wr92-q4p7
https://access.redhat.com/security/cve/CVE-2024-21662
https://www.cve.org/CVERecord?id=CVE-2024-21662
https://nvd.nist.gov/vuln/detail/CVE-2024-21662
https://github.com/argoproj/argo-cd/commit/17b0df1168a4c535f6f37e95f25ed7cd81e1fa4d
https://github.com/argoproj/argo-cd/commit/6e181d72b31522f886a2afa029d5b26d7912ec7b
https://github.com/argoproj/argo-cd/commit/cebb6538f7944c87ca2fecb5d17f8baacc431456
https://github.com/argoproj/argo-cd/security/advisories/GHSA-2vgg-9h6w-m454
https://access.redhat.com/security/cve/CVE-2024-29893
https://www.cve.org/CVERecord?id=CVE-2024-29893
https://nvd.nist.gov/vuln/detail/CVE-2024-29893
https://github.com/argoproj/argo-cd/commit/14f681e3ee7c38731943b98f92277e88a3db109d
https://github.com/argoproj/argo-cd/commit/36b8a12a38f8d92d55bffc81deed44389bf6eb59
https://github.com/argoproj/argo-cd/commit/3e5a878f6e30d935fa149723ea2a2e93748fcddd
https://github.com/argoproj/argo-cd/security/advisories/GHSA-jhwx-mhww-rgc3
Affected packages
Red Hat:openshift_gitops:1.12::el8
/
openshift-gitops-argocd-cli
Package
Name
openshift-gitops-argocd-cli
Purl
pkg:rpm/redhat/openshift-gitops-argocd-cli
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.12.1-5.el8
Red Hat:openshift_gitops:1.12::el8
/
openshift-gitops-argocd-cli-redistributable
Package
Name
openshift-gitops-argocd-cli-redistributable
Purl
pkg:rpm/redhat/openshift-gitops-argocd-cli-redistributable
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.12.1-5.el8
Red Hat:openshift_gitops:1.12::el9
/
microshift-gitops
Package
Name
microshift-gitops
Purl
pkg:rpm/redhat/microshift-gitops
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.12.1-4.el9
Red Hat:openshift_gitops:1.12::el9
/
microshift-gitops-release-info
Package
Name
microshift-gitops-release-info
Purl
pkg:rpm/redhat/microshift-gitops-release-info
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.12.1-4.el9
Red Hat:openshift_gitops:1.12::el9
/
openshift-gitops-argocd-cli
Package
Name
openshift-gitops-argocd-cli
Purl
pkg:rpm/redhat/openshift-gitops-argocd-cli
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.12.1-4.el9
Red Hat:openshift_gitops:1.12::el9
/
openshift-gitops-argocd-cli-redistributable
Package
Name
openshift-gitops-argocd-cli-redistributable
Purl
pkg:rpm/redhat/openshift-gitops-argocd-cli-redistributable
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.12.1-4.el9
RHSA-2024:1752 - OSV