8.2

CVE-2024-13484

Openshift-gitops-operator-container: namespace isolation break

A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wide when the label is applied.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
Collection URLhttps://github.com/redhat-developer/gitops-operator
Paket gitops-operator
Default Statusunaffected
Version 0
Version < 1.13
Status affected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.14
Default Statusaffected
Version v1.14.4-1
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.14
Default Statusaffected
Version v1.14.4-1
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.14
Default Statusaffected
Version v1.14.4-1
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.14
Default Statusaffected
Version v1.14.4-1
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.14
Default Statusaffected
Version v1.14.4-1
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.14
Default Statusaffected
Version v1.14.4-1
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.14
Default Statusaffected
Version v1.14.4-1
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.14
Default Statusaffected
Version v1.14.4-1
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.14
Default Statusaffected
Version v1.14.4-1
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.14
Default Statusaffected
Version v1.14.4-1
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.15
Default Statusaffected
Version v1.15.2-4
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.15
Default Statusaffected
Version v1.15.2-4
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.15
Default Statusaffected
Version v1.15.2-1
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.15
Default Statusaffected
Version v1.15.2-4
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.15
Default Statusaffected
Version v1.15.2-4
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.15
Default Statusaffected
Version v1.15.2-4
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.15
Default Statusaffected
Version v1.15.2-4
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.15
Default Statusaffected
Version v1.15.2-4
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.15
Default Statusaffected
Version v1.15.2-4
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.15
Default Statusaffected
Version v1.15.2-4
Version < *
Status unaffected
HerstellerRed Hat
Produkt Red Hat OpenShift GitOps 1.16
Default Statusaffected
Version 1.16
Version < *
Status unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.22% 0.122
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secalert@redhat.com 8.2 1.5 6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CWE-668 Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

https://access.redhat.com/security/cve/CVE-2024-13484
https://bugzilla.redhat.com/show_bug.cgi?id=2269376
https://access.redhat.com/errata/RHSA-2025:7753
https://access.redhat.com/errata/RHSA-2025:8274
https://access.redhat.com/errata/RHSA-2025:9506
https://github.com/redhat-developer/gitops-operator/pull/853
https://github.com/redhat-developer/gitops-operator/pull/867
https://github.com/redhat-developer/gitops-operator/pull/868
https://github.com/redhat-developer/gitops-operator/pull/869