Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-24348
Vulnerability from cvelistv5
Published
2022-02-04 20:26
Modified
2024-08-03 04:07
Severity ?
EPSS score ?
Summary
Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7 | Exploit, Third Party Advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T20:26:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-24348",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/",
"refsource": "MISC",
"url": "https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/"
},
{
"name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"refsource": "CONFIRM",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-24348",
"datePublished": "2022-02-04T20:26:21",
"dateReserved": "2022-02-02T00:00:00",
"dateUpdated": "2024-08-03T04:07:02.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.1.9\", \"matchCriteriaId\": \"31E46A1D-D027-4D65-80E9-DCC5CB3D287D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.2.0\", \"versionEndExcluding\": \"2.2.4\", \"matchCriteriaId\": \"229A9622-6079-4EEA-8E2B-1EA4CB5F17C4\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.\"}, {\"lang\": \"es\", \"value\": \"Argo CD versiones anteriores a 2.1.9 y versiones 2.2.x anteriores a 2.2.4, permite un salto de directorios relacionado con los gr\\u00e1ficos de Helm debido a un error en helmTemplate en el archivo repository.go. Por ejemplo, un atacante puede ser capaz de detectar las credenciales almacenadas en un archivo YAML\"}]",
"id": "CVE-2022-24348",
"lastModified": "2024-11-21T06:50:13.463",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\", \"baseScore\": 7.7, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.1, \"impactScore\": 4.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:N/A:N\", \"baseScore\": 4.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2022-02-04T21:15:08.103",
"references": "[{\"url\": \"https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-24348\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-02-04T21:15:08.103\",\"lastModified\":\"2024-11-21T06:50:13.463\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.\"},{\"lang\":\"es\",\"value\":\"Argo CD versiones anteriores a 2.1.9 y versiones 2.2.x anteriores a 2.2.4, permite un salto de directorios relacionado con los gr\u00e1ficos de Helm debido a un error en helmTemplate en el archivo repository.go. Por ejemplo, un atacante puede ser capaz de detectar las credenciales almacenadas en un archivo YAML\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":7.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.1,\"impactScore\":4.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.1.9\",\"matchCriteriaId\":\"31E46A1D-D027-4D65-80E9-DCC5CB3D287D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.2.0\",\"versionEndExcluding\":\"2.2.4\",\"matchCriteriaId\":\"229A9622-6079-4EEA-8E2B-1EA4CB5F17C4\"}]}]}],\"references\":[{\"url\":\"https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
}
}
rhsa-2022:0580
Vulnerability from csaf_redhat
Published
2022-02-17 21:46
Modified
2024-11-22 18:23
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Notes
Topic
An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.2. (GitOps v1.2.2)
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.2. (GitOps v1.2.2)\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0580",
"url": "https://access.redhat.com/errata/RHSA-2022:0580"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0580.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
"tracking": {
"current_release_date": "2024-11-22T18:23:09+00:00",
"generator": {
"date": "2024-11-22T18:23:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0580",
"initial_release_date": "2022-02-17T21:46:48+00:00",
"revision_history": [
{
"date": "2022-02-17T21:46:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-17T21:46:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T18:23:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.2",
"product": {
"name": "Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"product": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"product_id": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/applicationset-rhel8\u0026tag=v1.2.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.2.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.2.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.2.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.2.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.2.2-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64"
},
"product_reference": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24348",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050826"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GitOps. This flaw allows an attacker with permissions to create or update applications in ArgoCD to craft a malicious helm chart that contains symbolic links pointing to arbitrary paths outside the repository root folder, leading to a path traversal issue. This issue enables the attacker to gain access to confidential information stored in other repositories within the same ArgoCD installation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gitops: Path traversal and dereference of symlinks when passing Helm value files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.2:openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24348"
},
{
"category": "external",
"summary": "RHBZ#2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"release_date": "2022-02-04T14:07:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-17T21:46:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.2:openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0580"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.2:openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gitops: Path traversal and dereference of symlinks when passing Helm value files"
}
]
}
rhsa-2022_0580
Vulnerability from csaf_redhat
Published
2022-02-17 21:46
Modified
2024-11-22 18:23
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Notes
Topic
An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.2. (GitOps v1.2.2)
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.2. (GitOps v1.2.2)\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0580",
"url": "https://access.redhat.com/errata/RHSA-2022:0580"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0580.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
"tracking": {
"current_release_date": "2024-11-22T18:23:09+00:00",
"generator": {
"date": "2024-11-22T18:23:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0580",
"initial_release_date": "2022-02-17T21:46:48+00:00",
"revision_history": [
{
"date": "2022-02-17T21:46:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-17T21:46:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T18:23:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.2",
"product": {
"name": "Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"product": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"product_id": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/applicationset-rhel8\u0026tag=v1.2.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.2.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.2.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.2.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.2.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.2.2-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64"
},
"product_reference": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24348",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050826"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GitOps. This flaw allows an attacker with permissions to create or update applications in ArgoCD to craft a malicious helm chart that contains symbolic links pointing to arbitrary paths outside the repository root folder, leading to a path traversal issue. This issue enables the attacker to gain access to confidential information stored in other repositories within the same ArgoCD installation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gitops: Path traversal and dereference of symlinks when passing Helm value files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.2:openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24348"
},
{
"category": "external",
"summary": "RHBZ#2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"release_date": "2022-02-04T14:07:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-17T21:46:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.2:openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0580"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.2:openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gitops: Path traversal and dereference of symlinks when passing Helm value files"
}
]
}
rhsa-2022_0476
Vulnerability from csaf_redhat
Published
2022-02-08 22:08
Modified
2024-11-22 18:22
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Notes
Topic
An update is now available for Red Hat OpenShift GitOps 1.3
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps 1.3\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0476",
"url": "https://access.redhat.com/errata/RHSA-2022:0476"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "GITOPS-1758",
"url": "https://issues.redhat.com/browse/GITOPS-1758"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0476.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
"tracking": {
"current_release_date": "2024-11-22T18:22:54+00:00",
"generator": {
"date": "2024-11-22T18:22:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0476",
"initial_release_date": "2022-02-08T22:08:38+00:00",
"revision_history": [
{
"date": "2022-02-08T22:08:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-08T22:08:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T18:22:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.3",
"product": {
"name": "Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"product": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"product_id": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/applicationset-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.3.3-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64"
},
"product_reference": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24348",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050826"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GitOps. This flaw allows an attacker with permissions to create or update applications in ArgoCD to craft a malicious helm chart that contains symbolic links pointing to arbitrary paths outside the repository root folder, leading to a path traversal issue. This issue enables the attacker to gain access to confidential information stored in other repositories within the same ArgoCD installation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gitops: Path traversal and dereference of symlinks when passing Helm value files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24348"
},
{
"category": "external",
"summary": "RHBZ#2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"release_date": "2022-02-04T14:07:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T22:08:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gitops: Path traversal and dereference of symlinks when passing Helm value files"
}
]
}
RHSA-2022:0682
Vulnerability from csaf_redhat
Published
2022-02-25 19:48
Modified
2024-11-22 18:23
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Notes
Topic
An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.3 on OCP 4.7-4.9. (GitOps v1.3.4)
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift GitOps v1.3.4 on OCP 4.7-4.9
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.3 on OCP 4.7-4.9. (GitOps v1.3.4)\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift GitOps v1.3.4 on OCP 4.7-4.9\nRed Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0682",
"url": "https://access.redhat.com/errata/RHSA-2022:0682"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0682.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
"tracking": {
"current_release_date": "2024-11-22T18:23:17+00:00",
"generator": {
"date": "2024-11-22T18:23:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0682",
"initial_release_date": "2022-02-25T19:48:20+00:00",
"revision_history": [
{
"date": "2022-02-25T19:48:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-25T19:48:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T18:23:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.3",
"product": {
"name": "Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"product": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"product_id": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/applicationset-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.3.4-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64"
},
"product_reference": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24348",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050826"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GitOps. This flaw allows an attacker with permissions to create or update applications in ArgoCD to craft a malicious helm chart that contains symbolic links pointing to arbitrary paths outside the repository root folder, leading to a path traversal issue. This issue enables the attacker to gain access to confidential information stored in other repositories within the same ArgoCD installation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gitops: Path traversal and dereference of symlinks when passing Helm value files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24348"
},
{
"category": "external",
"summary": "RHBZ#2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"release_date": "2022-02-04T14:07:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-25T19:48:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0682"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gitops: Path traversal and dereference of symlinks when passing Helm value files"
}
]
}
rhsa-2022_0477
Vulnerability from csaf_redhat
Published
2022-02-08 22:16
Modified
2024-11-22 18:23
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Notes
Topic
An update is now available for Red Hat OpenShift GitOps 1.4
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps 1.4\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0477",
"url": "https://access.redhat.com/errata/RHSA-2022:0477"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "GITOPS-1751",
"url": "https://issues.redhat.com/browse/GITOPS-1751"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0477.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
"tracking": {
"current_release_date": "2024-11-22T18:23:02+00:00",
"generator": {
"date": "2024-11-22T18:23:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0477",
"initial_release_date": "2022-02-08T22:16:24+00:00",
"revision_history": [
{
"date": "2022-02-08T22:16:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-08T22:16:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T18:23:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.4",
"product": {
"name": "Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"product": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"product_id": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/applicationset-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.4.2-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64"
},
"product_reference": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24348",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050826"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GitOps. This flaw allows an attacker with permissions to create or update applications in ArgoCD to craft a malicious helm chart that contains symbolic links pointing to arbitrary paths outside the repository root folder, leading to a path traversal issue. This issue enables the attacker to gain access to confidential information stored in other repositories within the same ArgoCD installation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gitops: Path traversal and dereference of symlinks when passing Helm value files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.4:openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24348"
},
{
"category": "external",
"summary": "RHBZ#2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"release_date": "2022-02-04T14:07:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T22:16:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.4:openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.4:openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gitops: Path traversal and dereference of symlinks when passing Helm value files"
}
]
}
rhsa-2022_0682
Vulnerability from csaf_redhat
Published
2022-02-25 19:48
Modified
2024-11-22 18:23
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Notes
Topic
An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.3 on OCP 4.7-4.9. (GitOps v1.3.4)
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift GitOps v1.3.4 on OCP 4.7-4.9
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.3 on OCP 4.7-4.9. (GitOps v1.3.4)\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift GitOps v1.3.4 on OCP 4.7-4.9\nRed Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0682",
"url": "https://access.redhat.com/errata/RHSA-2022:0682"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0682.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
"tracking": {
"current_release_date": "2024-11-22T18:23:17+00:00",
"generator": {
"date": "2024-11-22T18:23:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0682",
"initial_release_date": "2022-02-25T19:48:20+00:00",
"revision_history": [
{
"date": "2022-02-25T19:48:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-25T19:48:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T18:23:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.3",
"product": {
"name": "Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"product": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"product_id": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/applicationset-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.3.4-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64"
},
"product_reference": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24348",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050826"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GitOps. This flaw allows an attacker with permissions to create or update applications in ArgoCD to craft a malicious helm chart that contains symbolic links pointing to arbitrary paths outside the repository root folder, leading to a path traversal issue. This issue enables the attacker to gain access to confidential information stored in other repositories within the same ArgoCD installation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gitops: Path traversal and dereference of symlinks when passing Helm value files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24348"
},
{
"category": "external",
"summary": "RHBZ#2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"release_date": "2022-02-04T14:07:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-25T19:48:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0682"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gitops: Path traversal and dereference of symlinks when passing Helm value files"
}
]
}
RHSA-2022:0476
Vulnerability from csaf_redhat
Published
2022-02-08 22:08
Modified
2024-11-22 18:22
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Notes
Topic
An update is now available for Red Hat OpenShift GitOps 1.3
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps 1.3\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0476",
"url": "https://access.redhat.com/errata/RHSA-2022:0476"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "GITOPS-1758",
"url": "https://issues.redhat.com/browse/GITOPS-1758"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0476.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
"tracking": {
"current_release_date": "2024-11-22T18:22:54+00:00",
"generator": {
"date": "2024-11-22T18:22:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0476",
"initial_release_date": "2022-02-08T22:08:38+00:00",
"revision_history": [
{
"date": "2022-02-08T22:08:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-08T22:08:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T18:22:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.3",
"product": {
"name": "Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"product": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"product_id": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/applicationset-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.3.3-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64"
},
"product_reference": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24348",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050826"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GitOps. This flaw allows an attacker with permissions to create or update applications in ArgoCD to craft a malicious helm chart that contains symbolic links pointing to arbitrary paths outside the repository root folder, leading to a path traversal issue. This issue enables the attacker to gain access to confidential information stored in other repositories within the same ArgoCD installation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gitops: Path traversal and dereference of symlinks when passing Helm value files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24348"
},
{
"category": "external",
"summary": "RHBZ#2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"release_date": "2022-02-04T14:07:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T22:08:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gitops: Path traversal and dereference of symlinks when passing Helm value files"
}
]
}
RHSA-2022:0580
Vulnerability from csaf_redhat
Published
2022-02-17 21:46
Modified
2024-11-22 18:23
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Notes
Topic
An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.2. (GitOps v1.2.2)
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.2. (GitOps v1.2.2)\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0580",
"url": "https://access.redhat.com/errata/RHSA-2022:0580"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0580.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
"tracking": {
"current_release_date": "2024-11-22T18:23:09+00:00",
"generator": {
"date": "2024-11-22T18:23:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0580",
"initial_release_date": "2022-02-17T21:46:48+00:00",
"revision_history": [
{
"date": "2022-02-17T21:46:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-17T21:46:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T18:23:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.2",
"product": {
"name": "Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"product": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"product_id": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/applicationset-rhel8\u0026tag=v1.2.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.2.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.2.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.2.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.2.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.2.2-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64"
},
"product_reference": "openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64 as a component of Red Hat OpenShift GitOps 1.2",
"product_id": "8Base-GitOps-1.2:openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64",
"relates_to_product_reference": "8Base-GitOps-1.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24348",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050826"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GitOps. This flaw allows an attacker with permissions to create or update applications in ArgoCD to craft a malicious helm chart that contains symbolic links pointing to arbitrary paths outside the repository root folder, leading to a path traversal issue. This issue enables the attacker to gain access to confidential information stored in other repositories within the same ArgoCD installation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gitops: Path traversal and dereference of symlinks when passing Helm value files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.2:openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24348"
},
{
"category": "external",
"summary": "RHBZ#2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"release_date": "2022-02-04T14:07:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-17T21:46:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.2:openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0580"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.2:openshift-gitops-1/applicationset-rhel8@sha256:de60b8e0019f8cd5900ab934761c289973b8e80f74c7f343e9b8c7bdab35ec7b_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/argocd-rhel8@sha256:ba9c8eb1b6ab9633a67f82038a8d597f070e9d1d3bee50bb3944b5ccbe6c539f_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-operator-bundle@sha256:d9db3e25b20c2a28ba1a26ce466b1d7f0bb7b34e354c75029ef7a6ee21b3b580_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8-operator@sha256:4b315cd3607577f9187f97c9df7a65a5dc94982d6166bf0d2fc7cf8c1ef7246c_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/gitops-rhel8@sha256:8199d51003b6fb3e180785a905c0f757497567bdba3ec2427812aad6f803942d_amd64",
"8Base-GitOps-1.2:openshift-gitops-1/kam-delivery-rhel8@sha256:e977766c14c86eb12734b908afa3286b5a66297bd11ffa4f2f5500e5051b9c17_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gitops: Path traversal and dereference of symlinks when passing Helm value files"
}
]
}
RHSA-2022:0477
Vulnerability from csaf_redhat
Published
2022-02-08 22:16
Modified
2024-11-22 18:23
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Notes
Topic
An update is now available for Red Hat OpenShift GitOps 1.4
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps 1.4\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0477",
"url": "https://access.redhat.com/errata/RHSA-2022:0477"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "GITOPS-1751",
"url": "https://issues.redhat.com/browse/GITOPS-1751"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0477.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
"tracking": {
"current_release_date": "2024-11-22T18:23:02+00:00",
"generator": {
"date": "2024-11-22T18:23:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0477",
"initial_release_date": "2022-02-08T22:16:24+00:00",
"revision_history": [
{
"date": "2022-02-08T22:16:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-08T22:16:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T18:23:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.4",
"product": {
"name": "Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"product": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"product_id": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/applicationset-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.4.2-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64"
},
"product_reference": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24348",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050826"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GitOps. This flaw allows an attacker with permissions to create or update applications in ArgoCD to craft a malicious helm chart that contains symbolic links pointing to arbitrary paths outside the repository root folder, leading to a path traversal issue. This issue enables the attacker to gain access to confidential information stored in other repositories within the same ArgoCD installation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gitops: Path traversal and dereference of symlinks when passing Helm value files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.4:openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24348"
},
{
"category": "external",
"summary": "RHBZ#2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"release_date": "2022-02-04T14:07:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T22:16:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.4:openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.4:openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gitops: Path traversal and dereference of symlinks when passing Helm value files"
}
]
}
rhsa-2022:0682
Vulnerability from csaf_redhat
Published
2022-02-25 19:48
Modified
2024-11-22 18:23
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Notes
Topic
An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.3 on OCP 4.7-4.9. (GitOps v1.3.4)
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift GitOps v1.3.4 on OCP 4.7-4.9
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.3 on OCP 4.7-4.9. (GitOps v1.3.4)\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift GitOps v1.3.4 on OCP 4.7-4.9\nRed Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0682",
"url": "https://access.redhat.com/errata/RHSA-2022:0682"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0682.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
"tracking": {
"current_release_date": "2024-11-22T18:23:17+00:00",
"generator": {
"date": "2024-11-22T18:23:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0682",
"initial_release_date": "2022-02-25T19:48:20+00:00",
"revision_history": [
{
"date": "2022-02-25T19:48:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-25T19:48:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T18:23:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.3",
"product": {
"name": "Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"product": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"product_id": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/applicationset-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.3.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.3.4-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64"
},
"product_reference": "openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24348",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050826"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GitOps. This flaw allows an attacker with permissions to create or update applications in ArgoCD to craft a malicious helm chart that contains symbolic links pointing to arbitrary paths outside the repository root folder, leading to a path traversal issue. This issue enables the attacker to gain access to confidential information stored in other repositories within the same ArgoCD installation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gitops: Path traversal and dereference of symlinks when passing Helm value files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24348"
},
{
"category": "external",
"summary": "RHBZ#2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"release_date": "2022-02-04T14:07:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-25T19:48:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0682"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:0b363d4585532f8673fc607e757b40b8e78a794539a60e7766efbe29e6d884d1_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:435439882f34fc487ff8c2606145c931a7480869290b7c5cdc3ca101b8354a96_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:23359cdf86879be49e4ad727a7e32e0457b3e2618ea6d72b5515098812772158_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:1d18cfdb839ff44dff1e2fdc9da4008c91ce25758328f200b9e282bfd8c7c08e_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:d7c95e762e992b14104c482cfa1b2e017d8d1cfb45e507e9840cad211ddd5068_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:252b2925e966b60180643884b910b09111104c03facc1264ef7ea692efce70d7_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:72fb789851fd76c39d4387affffdddcc4897fd904edebcc169aad65ccc304fb1_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gitops: Path traversal and dereference of symlinks when passing Helm value files"
}
]
}
rhsa-2022:0477
Vulnerability from csaf_redhat
Published
2022-02-08 22:16
Modified
2024-11-22 18:23
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Notes
Topic
An update is now available for Red Hat OpenShift GitOps 1.4
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps 1.4\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0477",
"url": "https://access.redhat.com/errata/RHSA-2022:0477"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "GITOPS-1751",
"url": "https://issues.redhat.com/browse/GITOPS-1751"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0477.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
"tracking": {
"current_release_date": "2024-11-22T18:23:02+00:00",
"generator": {
"date": "2024-11-22T18:23:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0477",
"initial_release_date": "2022-02-08T22:16:24+00:00",
"revision_history": [
{
"date": "2022-02-08T22:16:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-08T22:16:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T18:23:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.4",
"product": {
"name": "Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"product": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"product_id": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/applicationset-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.4.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.4.2-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64"
},
"product_reference": "openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64 as a component of Red Hat OpenShift GitOps 1.4",
"product_id": "8Base-GitOps-1.4:openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64",
"relates_to_product_reference": "8Base-GitOps-1.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24348",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050826"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GitOps. This flaw allows an attacker with permissions to create or update applications in ArgoCD to craft a malicious helm chart that contains symbolic links pointing to arbitrary paths outside the repository root folder, leading to a path traversal issue. This issue enables the attacker to gain access to confidential information stored in other repositories within the same ArgoCD installation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gitops: Path traversal and dereference of symlinks when passing Helm value files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.4:openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24348"
},
{
"category": "external",
"summary": "RHBZ#2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"release_date": "2022-02-04T14:07:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T22:16:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.4:openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.4:openshift-gitops-1/applicationset-rhel8@sha256:8b317cf28ec94757e661e83075ab9ac8397c4940197366ee5e0091d9423f7cc6_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/argocd-rhel8@sha256:6ebac7a8e959032d7634d2992e18efdc12668dff7a50cd94d080eb11d08b9c30_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/dex-rhel8@sha256:3a3635a1d9782966131d131ab0296c86e7b9f501d2940bab6e7cbcae4255d221_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-operator-bundle@sha256:ad293cc67f56184224dd0b22a6f7653d47ba2e18ce15fd6e510817ff6bd371ba_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8-operator@sha256:5fea603d0f8835221752df1cd30d76a6d59764f9d3be4d6484a5ca59b2cdd90e_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/gitops-rhel8@sha256:4342da4644f5aefa762759737c6173dedcd2518ef2a264b2f0d6bdd2465d642d_amd64",
"8Base-GitOps-1.4:openshift-gitops-1/kam-delivery-rhel8@sha256:097a5325971ee7a7a0a9d2ae45d0adda3bb8df09a3d39e496ebfaf7a19a173a7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gitops: Path traversal and dereference of symlinks when passing Helm value files"
}
]
}
rhsa-2022:0476
Vulnerability from csaf_redhat
Published
2022-02-08 22:08
Modified
2024-11-22 18:22
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Notes
Topic
An update is now available for Red Hat OpenShift GitOps 1.3
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps 1.3\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0476",
"url": "https://access.redhat.com/errata/RHSA-2022:0476"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "GITOPS-1758",
"url": "https://issues.redhat.com/browse/GITOPS-1758"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0476.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
"tracking": {
"current_release_date": "2024-11-22T18:22:54+00:00",
"generator": {
"date": "2024-11-22T18:22:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0476",
"initial_release_date": "2022-02-08T22:08:38+00:00",
"revision_history": [
{
"date": "2022-02-08T22:08:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-08T22:08:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T18:22:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.3",
"product": {
"name": "Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"product": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"product_id": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/applicationset-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.3.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.3.3-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64"
},
"product_reference": "openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64 as a component of Red Hat OpenShift GitOps 1.3",
"product_id": "8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24348",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050826"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GitOps. This flaw allows an attacker with permissions to create or update applications in ArgoCD to craft a malicious helm chart that contains symbolic links pointing to arbitrary paths outside the repository root folder, leading to a path traversal issue. This issue enables the attacker to gain access to confidential information stored in other repositories within the same ArgoCD installation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gitops: Path traversal and dereference of symlinks when passing Helm value files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24348"
},
{
"category": "external",
"summary": "RHBZ#2050826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"release_date": "2022-02-04T14:07:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T22:08:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.3:openshift-gitops-1/applicationset-rhel8@sha256:7027540d0244496785cd368a3802d551f974f5114735966dc4b5846ab70832cb_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/argocd-rhel8@sha256:bc5e750413e3806b92a548029010f82aee0bede3b0fe918fd53c280e2384359b_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/dex-rhel8@sha256:20a85d451ff3697f5d7c3f55d4776832cdf7a6a90623ce72d481dd6becad3b97_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-operator-bundle@sha256:636a040e83d025996d133fc6f90a625aed2d8bb81db45c23bb8e11d6d5571993_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8-operator@sha256:99cfc9175851012da28592bc238e297a56ed10496bd94c1409f9a87338f2f58d_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/gitops-rhel8@sha256:9f1072299358f38ab62bbd74e7d1f8af16b58c927b3e8d0626efaa0382bd4623_amd64",
"8Base-GitOps-1.3:openshift-gitops-1/kam-delivery-rhel8@sha256:79571b309fbb43ca9141bc4cfa24f4b668ffc9a7947fb3d6d55065f4a71bac8d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gitops: Path traversal and dereference of symlinks when passing Helm value files"
}
]
}
gsd-2022-24348
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-24348",
"description": "Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.",
"id": "GSD-2022-24348",
"references": [
"https://access.redhat.com/errata/RHSA-2022:0682",
"https://access.redhat.com/errata/RHSA-2022:0580",
"https://access.redhat.com/errata/RHSA-2022:0477",
"https://access.redhat.com/errata/RHSA-2022:0476"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-24348"
],
"details": "Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.",
"id": "GSD-2022-24348",
"modified": "2023-12-13T01:19:43.443069Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-24348",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/",
"refsource": "MISC",
"url": "https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/"
},
{
"name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"refsource": "CONFIRM",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c2.1.9",
"affected_versions": "All versions before 2.1.9",
"cvss_v2": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-22",
"CWE-352",
"CWE-937"
],
"date": "2022-02-11",
"description": "Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.",
"fixed_versions": [
"2.1.9"
],
"identifier": "CVE-2022-24348",
"identifiers": [
"GHSA-63qx-x74g-jcr7",
"CVE-2022-24348"
],
"not_impacted": "All versions starting from 2.1.9",
"package_slug": "go/github.com/argoproj/argo-cd",
"pubdate": "2022-02-07",
"solution": "Upgrade to version 2.1.9 or above.",
"title": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"urls": [
"https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"https://github.com/argoproj/argo-cd/commit/78c2084f0febd159039ff785ddc2bd4ba1cecf88",
"https://github.com/argoproj/argo-cd/releases/tag/v2.1.9",
"https://github.com/argoproj/argo-cd/releases/tag/v2.2.4",
"https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/",
"https://github.com/advisories/GHSA-63qx-x74g-jcr7"
],
"uuid": "286aec34-8d21-4ac2-a8f0-ae958117efd9"
},
{
"affected_range": "\u003c2.1.9||\u003e=2.2.0 \u003c2.2.4",
"affected_versions": "All versions before 2.1.9, all versions starting from 2.2.0 before 2.2.4",
"cvss_v2": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-22",
"CWE-352",
"CWE-937"
],
"date": "2022-02-11",
"description": "Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.",
"fixed_versions": [
"2.1.9",
"2.2.4"
],
"identifier": "CVE-2022-24348",
"identifiers": [
"GHSA-63qx-x74g-jcr7",
"CVE-2022-24348"
],
"not_impacted": "All versions starting from 2.1.9 before 2.2.0, all versions starting from 2.2.4",
"package_slug": "go/github.com/argoproj/argo-cd/v2",
"pubdate": "2022-02-07",
"solution": "Upgrade to versions 2.1.9, 2.2.4 or above.",
"title": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"urls": [
"https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"https://github.com/argoproj/argo-cd/commit/78c2084f0febd159039ff785ddc2bd4ba1cecf88",
"https://github.com/argoproj/argo-cd/releases/tag/v2.1.9",
"https://github.com/argoproj/argo-cd/releases/tag/v2.2.4",
"https://nvd.nist.gov/vuln/detail/CVE-2022-24348",
"https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/",
"https://github.com/advisories/GHSA-63qx-x74g-jcr7"
],
"uuid": "45cad268-6c0e-475a-b1ce-6f3fd954faea"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1.9",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.4",
"versionStartIncluding": "2.2.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-24348"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/"
},
{
"name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
"refsource": "CONFIRM",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
},
"lastModifiedDate": "2022-02-09T13:53Z",
"publishedDate": "2022-02-04T21:15Z"
}
}
}
CVE-2022-24348
Vulnerability from fkie_nvd
Published
2022-02-04 21:15
Modified
2024-11-21 06:50
Severity ?
Summary
Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7 | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31E46A1D-D027-4D65-80E9-DCC5CB3D287D",
"versionEndExcluding": "2.1.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "229A9622-6079-4EEA-8E2B-1EA4CB5F17C4",
"versionEndExcluding": "2.2.4",
"versionStartIncluding": "2.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file."
},
{
"lang": "es",
"value": "Argo CD versiones anteriores a 2.1.9 y versiones 2.2.x anteriores a 2.2.4, permite un salto de directorios relacionado con los gr\u00e1ficos de Helm debido a un error en helmTemplate en el archivo repository.go. Por ejemplo, un atacante puede ser capaz de detectar las credenciales almacenadas en un archivo YAML"
}
],
"id": "CVE-2022-24348",
"lastModified": "2024-11-21T06:50:13.463",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-04T21:15:08.103",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-63qx-x74g-jcr7
Vulnerability from github
Published
2022-02-07 19:06
Modified
2024-08-07 19:46
Severity ?
Summary
Path traversal and dereference of symlinks in Argo CD
Details
Impact
All versions of Argo CD are vulnerable to a path traversal bug that allows to pass arbitrary values files to be consumed by Helm charts.
Additionally, it is possible to craft special Helm chart packages containing value files that are actually symbolic links, pointing to arbitrary files outside the repository's root directory.
If an attacker with permissions to create or update Applications knows or can guess the full path to a file containing valid YAML, they can create a malicious Helm chart to consume that YAML as values files, thereby gaining access to data they would otherwise have no access to.
The impact can especially become critical in environments that make use of encrypted value files (e.g. using plugins with git-crypt or SOPS) containing sensitive or confidential data, and decrypt these secrets to disk before rendering the Helm chart.
Also, because any error message from helm template is passed back to the user, and these error messages are quite verbose, enumeration of files on the repository server's file system is possible.
Patches
A patch for this vulnerability has been released in the following Argo CD versions:
- v2.3.0
- v2.2.4
- v2.1.9
We urge users of Argo CD to update their installation to one of the fixed versions as listed above.
Workarounds
No workaround for this issue.
References
- https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24348
For more information
- Open an issue in the Argo CD issue tracker or discussions
- Join us on Slack in channel
#argo-cd
Credits
The path traversal vulnerability was discovered and reported by Moshe Zioni, VP Security Research, Apiiro.
During the development of a fix for the path traversal vulnerability, the Argo CD team discovered the related issue with symbolic links.
The Argo CD team would like to thank Moshe Zioni for the responsible disclosure, and the constructive discussions during handling this issue!
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-cd/v2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.1.9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-cd/v2"
},
"ranges": [
{
"events": [
{
"introduced": "2.2.0"
},
{
"fixed": "2.2.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-cd"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.1.9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-24348"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2022-02-03T22:53:47Z",
"nvd_published_at": "2022-02-04T21:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\n\nAll versions of Argo CD are vulnerable to a path traversal bug that allows to pass arbitrary values files to be consumed by Helm charts. \n\nAdditionally, it is possible to craft special Helm chart packages containing value files that are actually symbolic links, pointing to arbitrary files outside the repository\u0027s root directory.\n\nIf an attacker with permissions to create or update Applications knows or can guess the full path to a file containing valid YAML, they can create a malicious Helm chart to consume that YAML as values files, thereby gaining access to data they would otherwise have no access to. \n\nThe impact can especially become critical in environments that make use of encrypted value files (e.g. using plugins with git-crypt or SOPS) containing sensitive or confidential data, and decrypt these secrets to disk before rendering the Helm chart.\n\nAlso, because any error message from `helm template` is passed back to the user, and these error messages are quite verbose, enumeration of files on the repository server\u0027s file system is possible.\n\n### Patches\n\nA patch for this vulnerability has been released in the following Argo CD versions:\n\n* v2.3.0\n* v2.2.4\n* v2.1.9\n\nWe urge users of Argo CD to update their installation to one of the fixed versions as listed above.\n\n### Workarounds\n\nNo workaround for this issue.\n\n### References\n\n* https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments\n* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24348\n\n### For more information\n\n* Open an issue in [the Argo CD issue tracker](https://github.com/argoproj/argo-cd/issues) or [discussions](https://github.com/argoproj/argo-cd/discussions)\n* Join us on [Slack](https://argoproj.github.io/community/join-slack) in channel `#argo-cd`\n\n### Credits\n\nThe path traversal vulnerability was discovered and reported by Moshe Zioni, VP Security Research, [Apiiro](https://www.apiiro.com). \n\nDuring the development of a fix for the path traversal vulnerability, the Argo CD team discovered the related issue with symbolic links.\n\nThe Argo CD team would like to thank Moshe Zioni for the responsible disclosure, and the constructive discussions during handling this issue!\n",
"id": "GHSA-63qx-x74g-jcr7",
"modified": "2024-08-07T19:46:23Z",
"published": "2022-02-07T19:06:18Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24348"
},
{
"type": "WEB",
"url": "https://github.com/argoproj/argo-cd/commit/78c2084f0febd159039ff785ddc2bd4ba1cecf88"
},
{
"type": "WEB",
"url": "https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments"
},
{
"type": "PACKAGE",
"url": "https://github.com/argoproj/argo-cd"
},
{
"type": "WEB",
"url": "https://github.com/argoproj/argo-cd/releases/tag/v2.1.9"
},
{
"type": "WEB",
"url": "https://github.com/argoproj/argo-cd/releases/tag/v2.2.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Path traversal and dereference of symlinks in Argo CD"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.