rhsa-2025:17730
Vulnerability from csaf_redhat
Published
2025-10-09 18:47
Modified
2025-11-26 15:51
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps v1.16.4 security update
Notes
Topic
Important: Red Hat OpenShift GitOps v1.16.4 security update
Details
An update is now available for Red Hat OpenShift GitOps.
Bug Fix(es) and Enhancement(s):
* GITOPS-6703 (After Upgrade to v.1.16 not able to add --metrics-application-labels in spec.controller.extraCommandArgs with multiple values)
* GITOPS-7180 (Redis HA Proxy pod fails to start with Security Context error)
* GITOPS-7461 (Redis container fails with "runAsNonRoot and image will run as root" after upgrade to argocd-operator 0.14.1)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Important: Red Hat OpenShift GitOps v1.16.4 security update",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for Red Hat OpenShift GitOps.\nBug Fix(es) and Enhancement(s):\n* GITOPS-6703 (After Upgrade to v.1.16 not able to add --metrics-application-labels in spec.controller.extraCommandArgs with multiple values)\n* GITOPS-7180 (Redis HA Proxy pod fails to start with Security Context error)\n* GITOPS-7461 (Redis container fails with \"runAsNonRoot and image will run as root\" after upgrade to argocd-operator 0.14.1)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:17730",
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59531",
"url": "https://access.redhat.com/security/cve/CVE-2025-59531"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59537",
"url": "https://access.redhat.com/security/cve/CVE-2025-59537"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59538",
"url": "https://access.redhat.com/security/cve/CVE-2025-59538"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-55191",
"url": "https://access.redhat.com/security/cve/CVE-2025-55191"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22874",
"url": "https://access.redhat.com/security/cve/CVE-2025-22874"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47907",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.16/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.16/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17730.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps v1.16.4 security update",
"tracking": {
"current_release_date": "2025-11-26T15:51:03+00:00",
"generator": {
"date": "2025-11-26T15:51:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:17730",
"initial_release_date": "2025-10-09T18:47:06+00:00",
"revision_history": [
{
"date": "2025-10-09T18:47:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-23T03:58:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-26T15:51:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.16",
"product": {
"name": "Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.16::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3A4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3Ac5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3Ac9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3A0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3A6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3Ac2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256%3A78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3A2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3Aaf6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3A94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3A645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3Ab867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3Ad1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3A24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3Abc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3A3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3Aefd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3A8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Af505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3Abdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3Af1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3A400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3Ade943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3Af1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3A6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3Ac7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64 as a component of Red Hat OpenShift GitOps 1.16",
"product_id": "Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22874",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2025-06-11T17:00:48.521459+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372320"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. Confidentiality and availability are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22874"
},
{
"category": "external",
"summary": "RHBZ#2372320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874"
},
{
"category": "external",
"summary": "https://go.dev/cl/670375",
"url": "https://go.dev/cl/670375"
},
{
"category": "external",
"summary": "https://go.dev/issue/73612",
"url": "https://go.dev/issue/73612"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3749",
"url": "https://pkg.go.dev/vuln/GO-2025-3749"
}
],
"release_date": "2025-06-11T16:42:52.856000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509"
},
{
"cve": "CVE-2025-47907",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-08-07T16:01:06.247481+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387083"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "database/sql: Postgres Scan Race Condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Moderate severity issues rather than Important. The os/exec LookPath flaw requires a misconfigured PATH to be exploitable, and the database/sql race condition primarily impacts applications that cancel queries while running multiple queries concurrently. Both can cause unexpected behavior, but the exploitation scope is limited and unlikely to result in direct compromise in most typical deployments.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces the principle of least functionality, ensuring that only essential features, services, and ports are enabled. The environment leverages malicious code protections such as IPS/IDS and antimalware solutions that detect and respond to indicators in real time, limiting the impact of exploitation attempts. Static code analysis and peer code review techniques are used to execute robust input validation and error-handling mechanisms to ensure all user inputs are thoroughly validated, preventing improperly validated inputs from causing system instability, exposing sensitive data, or escalating risks. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time, while process isolation and automated orchestration via Kubernetes minimize the likelihood of concurrent execution scenarios that would trigger the race condition and help contain the impact to a single process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "RHBZ#2387083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://go.dev/cl/693735",
"url": "https://go.dev/cl/693735"
},
{
"category": "external",
"summary": "https://go.dev/issue/74831",
"url": "https://go.dev/issue/74831"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3849",
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"release_date": "2025-08-07T15:25:30.704000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "database/sql: Postgres Scan Race Condition"
},
{
"cve": "CVE-2025-55191",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-09-30T23:00:51.184899+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400562"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions between 2.1.0 and 2.14.19, 3.2.0-rc1, 3.1.0-rc1 through 3.1.7, and 3.0.0-rc1 through 3.0.18 contain a race condition in the repository credentials handler that can cause the Argo CD server to panic and crash when concurrent operations are performed on the same repository URL. The vulnerability is located in numerous repository related handlers in the util/db/repository_secrets.go file. A valid API token with repositories resource permissions (create, update, or delete actions) is required to trigger the race condition. This vulnerability causes the entire Argo CD server to crash and become unavailable. Attackers can repeatedly and continuously trigger the race condition to maintain a denial-of-service state, disrupting all GitOps operations. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd/v2: github.com/argoproj/argo-cd/v3: Argo CD race condition leading to crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo CD server itself. The host system running Argo CD is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55191"
},
{
"category": "external",
"summary": "RHBZ#2400562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400562"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55191"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55191",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55191"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/701bc50d01c752cad96185f848088d287a97c7b7",
"url": "https://github.com/argoproj/argo-cd/commit/701bc50d01c752cad96185f848088d287a97c7b7"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/pull/6103",
"url": "https://github.com/argoproj/argo-cd/pull/6103"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g88p-r42r-ppp9",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g88p-r42r-ppp9"
}
],
"release_date": "2025-09-30T22:52:19.838000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
},
{
"category": "workaround",
"details": "Systems may be configured to automatically restart a service upon crash and doing so may partially mitigate the availability impact of this vulnerability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd/v2: github.com/argoproj/argo-cd/v3: Argo CD race condition leading to crash"
},
{
"cve": "CVE-2025-59531",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2025-10-01T21:03:46.509567+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400935"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was identified in the Argo CD continuous delivery tool, which is distributed as part of Red Hat GitOps product. An unauthenticated attacker can exploit this flaw by sending a specially crafted request to the Application Programming Interface (API) webhook endpoint. This action causes the API server to crash, preventing it from restarting properly. By repeatedly targeting the server, an attacker can cause a complete service outage, making the Argo CD interface unavailable to all users. This vulnerability is only exposed in configurations where a specific webhook secret has not been set.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "argocd: argocd-server: gitops: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security team, this happens because an unauthenticated attacker is able to cause a denial of service from the whole GitOps cluster. This vulnerability affects only clusters without a configured \u0027webhook.bitbucket.secret\u0027 configuration key, thus clusters that have this option configured are not exposed to this flaw.\n\nThis vulnerability lies in a unsafe cast when trying to retrieve the `repository.links.clone`JSON field from BitBucket-Server push request. When the unsafe cast is triggered, the goroutine created by the worker to process the request will fail within an assertion panic and, as it lacks a recovery routine, the whole argocd-server binary will be terminated. If an attacker manages to force all the argocd-server replica nodes to reach this assertion failure, a Denial of Service of the whole cluster will happen.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59531"
},
{
"category": "external",
"summary": "RHBZ#2400935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59531"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/5c466a4e39802e059e75c0008ae7b7b8e842538f",
"url": "https://github.com/argoproj/argo-cd/commit/5c466a4e39802e059e75c0008ae7b7b8e842538f"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-f9gq-prrc-hrhc",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-f9gq-prrc-hrhc"
}
],
"release_date": "2025-10-01T20:49:35.428000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
},
{
"category": "workaround",
"details": "If a BitBucket repository is being used by GitOps it\u0027s possible to mitigate this vulnerability by setting up a BitBucket webhook secret to ensure only trusted parties can access the webhook endpoint.\n\nIn case BitBucket is not being used, the user can set the webhook secret to a long random value to prevent the webhook from being called:\n\n~~~\napiVersion: v1\nkind: Secret\nmetadata:\n name: argocd-secret\ntype: Opaque\ndata:\n+ webhook.bitbucketserver.secret: \u003cyour base64-encoded secret here\u003e\n~~~",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "argocd: argocd-server: gitops: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload"
},
{
"cve": "CVE-2025-59537",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2025-10-01T22:00:51.264122+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400938"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd: Argo CD unauthenticated Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo-CD application. General host availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59537"
},
{
"category": "external",
"summary": "RHBZ#2400938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59537"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59537",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59537"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43",
"url": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
}
],
"release_date": "2025-10-01T21:01:36.519000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd: Argo CD unauthenticated Denial of Service"
},
{
"cve": "CVE-2025-59538",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"discovery_date": "2025-10-01T22:00:57.544949+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400940"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoint crashes the entire argocd-server process when it receives an Azure DevOps Push event whose JSON array resource.refUpdates is empty. The slice index [0] is accessed without a length check, causing an index-out-of-range panic. A single unauthenticated HTTP POST is enough to kill the process. This issue is resolved in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd: Argo CD unauthenticated Remote Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo-CD application. General host availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59538"
},
{
"category": "external",
"summary": "RHBZ#2400940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400940"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59538",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59538"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf",
"url": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv"
}
],
"release_date": "2025-10-01T21:09:08.870000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17730"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:24d8c9b3d5e2302d86a6522bb8997cdf203a1121825a1a84834a58c972561334_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:2e056fd5830a22ec87570415ee3621a8951386f86286970d21fcf76f5eb40a5b_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:4dff7f7534e02fcc989f8c58646acf0a8de6eb950514a9eaebe0d4db7f799bb8_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f505ecf3600e5f453867a4c9986c814ff774738387b135b881bbefdb64a8b6c0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:190f9d93d0383e9d67079af14eacc7d960895883106d58819a2dd928d07df227_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:41b064e75d6e1381582ed9ae018c93b72a0c380a02dc91e542cd8748b4de20b2_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:89b76d9ac08f2d7852e484f5cd3ba7c2aee0f9ff3444eb8a9344474125220042_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:f1ad261aa5b50b368a5a2619ec79e6f1a14b4f218ffc157a5c2e0c8f07c0b007_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:3caf15f8693245181eb1dc3adbf177c3be3095701b4fbb9ab64ec96af345855f_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:989eefed937fc36a100303b24ae8fd4d1a88599a3cd0160cfac77180cc188a3b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:bdd0a289775ce41a8b495e02626f2e84b39f27d8eab8e351faf13bd46c8bb843_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:c5a94378fa6de06979845d1dd57ee840d1c1e63bdec31a816ad80703dd677c29_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:400f6dc94a40d30e9bf08a6bbbdb69d03bac59f84c4d66620fa7d99b4b5a96f5_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:af6a17b989475611cccb8dde3fc4b04c07d83c808a9e36537e04fc220357836c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:bc2ef6df807856991b716adea85d114c5f61a6ea02d1d3dddc86ddd61bacab76_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c9d9ee712c5432f2ddf0985665a1ebc1ab8dfa49ddfd4829fd0eea8cb29c745d_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:0b76c3b83e7ffa1d650fdca227fa18a31a08339828160683ae7ff5a7a0bc6760_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:3a2a9cea446951e9ce350b51197a8a5c01691ec7b5ffc149a66ca9e3134a82a0_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:94e8b2edf66de66d8ed7a9acaeb49ecd11e07f828d0a4be642d87cdedbf6e8a4_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:de943611e032cfc21ffe468a4c5ebf3e4dc843cf33f1d476ed26504445cf3f24_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:645d19854b1ce41c0d260de0b210749453269f7418059be41c854f2e9bbf000c_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:6eb5d4b468ebf1732f466caebba617c30fb406623274a3acf7511805121e1eff_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:efd3f2795152ae8173722eb6695530bc5a986ea2572967038043d67eb65ead0c_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:f1160e0c44027b8a6f04e207020eb2b64683d271cf9153836ecce8c67579463b_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:78dc89a4a9dfb8dcf93224fd9a3caa63ea1551f8da73a88aebb284123d4a2962_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:20eba0b58edf23d29297fd53e76fbc2206f87b7a34ee83e98dcf013802fb6c2b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:52ffe54a0935e54b8d7712a01f65beb6030524a6bc5ea3ae2f59bc1b75fb5ef7_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:814349bf64d3571529ef554df85dfb765446ce199fd771552b236a88ca56a362_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:c7c68a98f7cf428c7f228a66c85d42ddc709a2bd453c9bcfb47899b7f2e1fed0_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:6909fc584a220d7f3cb684d152d9c9167d177873f83437891a04d85b7a24d851_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:8deb789cb88a48e8f887d5b33858a7d11e5d9d240290ee48bd7d4f32243dd38f_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:b867573876278eb19c89dcd4fac0c68f16a0daccfedaeee16589decac44ace75_arm64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:c2e038f48d3ccfead013900cc72c201fc55bfd3b6fcb9eb5560a24687e5ff283_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2f35704b4a52925cbe845743de00c271ac07accd5a59c2d215b2b80491f72c0b_ppc64le",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:6f73f190baf0b9ce6be84db1bda73bc9cccbaf11b2b23751c449fa7506a2fc94_s390x",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:914953316db02f903e76941af5716c25aa38c73ace8b297f11fbcb6d859aff6f_amd64",
"Red Hat OpenShift GitOps 1.16:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:d1aaa9ae4291f7472576393040b4862cad491251c744cee7c6730a1d35e5f104_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd: Argo CD unauthenticated Remote Denial of Service"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…