VYPR
High severity7.5NVD Advisory· Published Sep 6, 2025· Updated Jun 17, 2026

CVE-2025-58445

CVE-2025-58445

Description

Atlantis is a self-hosted golang application that listens for Terraform pull request events via webhooks. All versions of Atlantis publicly expose detailed version information through its /status endpoint. This information disclosure could allow attackers to identify and target known vulnerabilities associated with the specific versions, potentially compromising the service's security posture. This issue does not currently have a fix.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/runatlantis/atlantisGo
<= 0.35.1

Affected products

8

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.