apk package
chainguard/argo-cd-2.13
pkg:apk/chainguard/argo-cd-2.13
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-45337 | Cri | 9.1 | < 2.13.2-r1 | 2.13.2-r1 | Dec 12, 2024 | Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that | |
| CVE-2024-35255 | — | < 2.13.0-r1 | 2.13.0-r1 | Jun 11, 2024 | Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability |
- affected < 2.13.2-r1fixed 2.13.2-r1
Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that
- CVE-2024-35255Jun 11, 2024affected < 2.13.0-r1fixed 2.13.0-r1
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Page 2 of 2