apk package

chainguard/argo-cd-2.9

pkg:apk/chainguard/argo-cd-2.9

Vulnerabilities (23)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-5528	—	< 0	0	Nov 14, 2023	A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.
CVE-2023-47108	—	< 2.9.2-r1	2.9.2-r1	Nov 10, 2023	OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality.
CVE-2021-25743	—	< 0	0	Jan 7, 2022	kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.

CVE-2023-5528Nov 14, 2023
affected < 0fixed 0
A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.
CVE-2023-47108Nov 10, 2023
affected < 2.9.2-r1fixed 2.9.2-r1
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality.
CVE-2021-25743Jan 7, 2022
affected < 0fixed 0
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.

Page 2 of 2