VYPR

Go modules package

github.com/redhat-developer/gitops-operator

pkg:golang/github.com/redhat-developer/gitops-operator

Vulnerabilities (2)

  • CVE-2025-13888CriDec 15, 2025
    affected < 1.16.2fixed 1.16.2

    A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources (CRs) that trick the system into granting them elevated permissions in other namespaces, including privileged namespaces. An authenticated attacker can then use these elevated permissions to

  • CVE-2024-13484HigJan 28, 2025
    affected < 1.16.2fixed 1.16.2

    A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitori