github.com/redhat-developer/gitops-operator

Go2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/redhat-developer/gitops-operatorpage 1 of 1

CVE-2024-13484HIGHCVSS 8.2EG 8.2
2025-01-28
A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have…
CVE-2025-13888CRITICALCVSS 9.1EG 9.1
2025-12-15
A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources (CRs) that trick the system into granting them elevated permissions in other namespaces, including privileged namespaces. An authenticated attacker c…

Check whether github.com/redhat-developer/gitops-operator is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/redhat-developer/gitops-operator CVEs against the assets you own.

Start Free Scan →