From fdf250309fc9467567708ca8f1c3b44f8c74594b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 20 Oct 2024 12:12:45 +0000 Subject: [PATCH] [Bot] docs: Update Snyk reports (#20465) Signed-off-by: CI Co-authored-by: CI --- docs/snyk/index.md | 78 +- docs/snyk/master/argocd-iac-install.html | 68 +- .../master/argocd-iac-namespace-install.html | 68 +- docs/snyk/master/argocd-test.html | 8 +- .../master/ghcr.io_dexidp_dex_v2.41.1.html | 2 +- ..._docker_library_haproxy_2.6.17-alpine.html | 2 +- ...ws_docker_library_redis_7.0.15-alpine.html | 2 +- .../quay.io_argoproj_argocd_latest.html | 398 ++++----- docs/snyk/master/redis_7.0.15-alpine.html | 2 +- .../argocd-iac-install.html | 2 +- .../argocd-iac-namespace-install.html | 2 +- .../{v2.10.17 => v2.10.18}/argocd-test.html | 2 +- .../ghcr.io_dexidp_dex_v2.37.0.html | 6 +- .../haproxy_2.6.14-alpine.html | 2 +- .../quay.io_argoproj_argocd_v2.10.18.html} | 776 ++++++++--------- .../redis_7.0.15-alpine.html | 2 +- .../argocd-iac-install.html | 2 +- .../argocd-iac-namespace-install.html | 2 +- .../{v2.11.9 => v2.11.11}/argocd-test.html | 2 +- .../ghcr.io_dexidp_dex_v2.38.0.html | 2 +- .../haproxy_2.6.14-alpine.html | 2 +- .../quay.io_argoproj_argocd_v2.11.11.html} | 778 +++++++++--------- .../redis_7.0.15-alpine.html | 2 +- .../argocd-iac-install.html | 2 +- .../argocd-iac-namespace-install.html | 2 +- .../{v2.12.4 => v2.12.6}/argocd-test.html | 2 +- .../ghcr.io_dexidp_dex_v2.38.0.html | 2 +- ..._docker_library_haproxy_2.6.17-alpine.html | 2 +- ...ws_docker_library_redis_7.0.15-alpine.html | 2 +- .../quay.io_argoproj_argocd_v2.12.6.html} | 574 ++++++------- .../redis_7.0.15-alpine.html | 2 +- .../argocd-iac-install.html | 2 +- .../argocd-iac-namespace-install.html | 2 +- .../argocd-test.html | 2 +- .../ghcr.io_dexidp_dex_v2.41.1.html | 2 +- ..._docker_library_haproxy_2.6.17-alpine.html | 2 +- ...ws_docker_library_redis_7.0.15-alpine.html | 2 +- .../quay.io_argoproj_argocd_v2.13.0-rc5.html} | 572 ++++++------- .../redis_7.0.15-alpine.html | 2 +- 39 files changed, 1692 insertions(+), 1692 deletions(-) rename docs/snyk/{v2.10.17 => v2.10.18}/argocd-iac-install.html (99%) rename docs/snyk/{v2.10.17 => v2.10.18}/argocd-iac-namespace-install.html (99%) rename docs/snyk/{v2.10.17 => v2.10.18}/argocd-test.html (99%) rename docs/snyk/{v2.10.17 => v2.10.18}/ghcr.io_dexidp_dex_v2.37.0.html (99%) rename docs/snyk/{v2.11.9 => v2.10.18}/haproxy_2.6.14-alpine.html (99%) rename docs/snyk/{v2.10.17/quay.io_argoproj_argocd_v2.10.17.html => v2.10.18/quay.io_argoproj_argocd_v2.10.18.html} (97%) rename docs/snyk/{v2.10.17 => v2.10.18}/redis_7.0.15-alpine.html (99%) rename docs/snyk/{v2.11.9 => v2.11.11}/argocd-iac-install.html (99%) rename docs/snyk/{v2.11.9 => v2.11.11}/argocd-iac-namespace-install.html (99%) rename docs/snyk/{v2.11.9 => v2.11.11}/argocd-test.html (99%) rename docs/snyk/{v2.12.4 => v2.11.11}/ghcr.io_dexidp_dex_v2.38.0.html (99%) rename docs/snyk/{v2.10.17 => v2.11.11}/haproxy_2.6.14-alpine.html (99%) rename docs/snyk/{v2.11.9/quay.io_argoproj_argocd_v2.11.9.html => v2.11.11/quay.io_argoproj_argocd_v2.11.11.html} (96%) rename docs/snyk/{v2.11.9 => v2.11.11}/redis_7.0.15-alpine.html (99%) rename docs/snyk/{v2.12.4 => v2.12.6}/argocd-iac-install.html (99%) rename docs/snyk/{v2.12.4 => v2.12.6}/argocd-iac-namespace-install.html (99%) rename docs/snyk/{v2.12.4 => v2.12.6}/argocd-test.html (99%) rename docs/snyk/{v2.11.9 => v2.12.6}/ghcr.io_dexidp_dex_v2.38.0.html (99%) rename docs/snyk/{v2.12.4 => v2.12.6}/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html (99%) rename docs/snyk/{v2.13.0-rc3 => v2.12.6}/public.ecr.aws_docker_library_redis_7.0.15-alpine.html (99%) rename docs/snyk/{v2.12.4/quay.io_argoproj_argocd_v2.12.4.html => v2.12.6/quay.io_argoproj_argocd_v2.12.6.html} (97%) rename docs/snyk/{v2.13.0-rc3 => v2.12.6}/redis_7.0.15-alpine.html (99%) rename docs/snyk/{v2.13.0-rc3 => v2.13.0-rc5}/argocd-iac-install.html (99%) rename docs/snyk/{v2.13.0-rc3 => v2.13.0-rc5}/argocd-iac-namespace-install.html (99%) rename docs/snyk/{v2.13.0-rc3 => v2.13.0-rc5}/argocd-test.html (99%) rename docs/snyk/{v2.13.0-rc3 => v2.13.0-rc5}/ghcr.io_dexidp_dex_v2.41.1.html (99%) rename docs/snyk/{v2.13.0-rc3 => v2.13.0-rc5}/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html (99%) rename docs/snyk/{v2.12.4 => v2.13.0-rc5}/public.ecr.aws_docker_library_redis_7.0.15-alpine.html (99%) rename docs/snyk/{v2.13.0-rc3/quay.io_argoproj_argocd_v2.13.0-rc3.html => v2.13.0-rc5/quay.io_argoproj_argocd_v2.13.0-rc5.html} (96%) rename docs/snyk/{v2.12.4 => v2.13.0-rc5}/redis_7.0.15-alpine.html (99%) diff --git a/docs/snyk/index.md b/docs/snyk/index.md index 914d979bd6598..44bd30b39acc2 100644 --- a/docs/snyk/index.md +++ b/docs/snyk/index.md @@ -18,61 +18,61 @@ recent minor releases. | [dex:v2.41.1](master/ghcr.io_dexidp_dex_v2.41.1.html) | 0 | 0 | 0 | 1 | | [haproxy:2.6.17-alpine](master/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html) | 0 | 0 | 2 | 3 | | [redis:7.0.15-alpine](master/public.ecr.aws_docker_library_redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | -| [argocd:latest](master/quay.io_argoproj_argocd_latest.html) | 0 | 0 | 3 | 8 | +| [argocd:latest](master/quay.io_argoproj_argocd_latest.html) | 0 | 0 | 2 | 9 | | [redis:7.0.15-alpine](master/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | | [install.yaml](master/argocd-iac-install.html) | - | - | - | - | | [namespace-install.yaml](master/argocd-iac-namespace-install.html) | - | - | - | - | -### v2.13.0-rc3 +### v2.13.0-rc5 | | Critical | High | Medium | Low | |---:|:--------:|:----:|:------:|:---:| -| [go.mod](v2.13.0-rc3/argocd-test.html) | 0 | 0 | 7 | 0 | -| [ui/yarn.lock](v2.13.0-rc3/argocd-test.html) | 0 | 0 | 0 | 0 | -| [dex:v2.41.1](v2.13.0-rc3/ghcr.io_dexidp_dex_v2.41.1.html) | 0 | 0 | 0 | 1 | -| [haproxy:2.6.17-alpine](v2.13.0-rc3/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html) | 0 | 0 | 2 | 3 | -| [redis:7.0.15-alpine](v2.13.0-rc3/public.ecr.aws_docker_library_redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | -| [argocd:v2.13.0-rc3](v2.13.0-rc3/quay.io_argoproj_argocd_v2.13.0-rc3.html) | 0 | 0 | 3 | 8 | -| [redis:7.0.15-alpine](v2.13.0-rc3/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | -| [install.yaml](v2.13.0-rc3/argocd-iac-install.html) | - | - | - | - | -| [namespace-install.yaml](v2.13.0-rc3/argocd-iac-namespace-install.html) | - | - | - | - | +| [go.mod](v2.13.0-rc5/argocd-test.html) | 0 | 0 | 7 | 0 | +| [ui/yarn.lock](v2.13.0-rc5/argocd-test.html) | 0 | 0 | 0 | 0 | +| [dex:v2.41.1](v2.13.0-rc5/ghcr.io_dexidp_dex_v2.41.1.html) | 0 | 0 | 0 | 1 | +| [haproxy:2.6.17-alpine](v2.13.0-rc5/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html) | 0 | 0 | 2 | 3 | +| [redis:7.0.15-alpine](v2.13.0-rc5/public.ecr.aws_docker_library_redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | +| [argocd:v2.13.0-rc5](v2.13.0-rc5/quay.io_argoproj_argocd_v2.13.0-rc5.html) | 0 | 0 | 2 | 9 | +| [redis:7.0.15-alpine](v2.13.0-rc5/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | +| [install.yaml](v2.13.0-rc5/argocd-iac-install.html) | - | - | - | - | +| [namespace-install.yaml](v2.13.0-rc5/argocd-iac-namespace-install.html) | - | - | - | - | -### v2.12.4 +### v2.12.6 | | Critical | High | Medium | Low | |---:|:--------:|:----:|:------:|:---:| -| [go.mod](v2.12.4/argocd-test.html) | 0 | 0 | 8 | 0 | -| [ui/yarn.lock](v2.12.4/argocd-test.html) | 0 | 0 | 0 | 0 | -| [dex:v2.38.0](v2.12.4/ghcr.io_dexidp_dex_v2.38.0.html) | 0 | 0 | 6 | 6 | -| [haproxy:2.6.17-alpine](v2.12.4/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html) | 0 | 0 | 2 | 3 | -| [redis:7.0.15-alpine](v2.12.4/public.ecr.aws_docker_library_redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | -| [argocd:v2.12.4](v2.12.4/quay.io_argoproj_argocd_v2.12.4.html) | 0 | 0 | 3 | 8 | -| [redis:7.0.15-alpine](v2.12.4/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | -| [install.yaml](v2.12.4/argocd-iac-install.html) | - | - | - | - | -| [namespace-install.yaml](v2.12.4/argocd-iac-namespace-install.html) | - | - | - | - | +| [go.mod](v2.12.6/argocd-test.html) | 0 | 0 | 8 | 0 | +| [ui/yarn.lock](v2.12.6/argocd-test.html) | 0 | 0 | 0 | 0 | +| [dex:v2.38.0](v2.12.6/ghcr.io_dexidp_dex_v2.38.0.html) | 0 | 0 | 6 | 6 | +| [haproxy:2.6.17-alpine](v2.12.6/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html) | 0 | 0 | 2 | 3 | +| [redis:7.0.15-alpine](v2.12.6/public.ecr.aws_docker_library_redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | +| [argocd:v2.12.6](v2.12.6/quay.io_argoproj_argocd_v2.12.6.html) | 0 | 0 | 2 | 9 | +| [redis:7.0.15-alpine](v2.12.6/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | +| [install.yaml](v2.12.6/argocd-iac-install.html) | - | - | - | - | +| [namespace-install.yaml](v2.12.6/argocd-iac-namespace-install.html) | - | - | - | - | -### v2.11.9 +### v2.11.11 | | Critical | High | Medium | Low | |---:|:--------:|:----:|:------:|:---:| -| [go.mod](v2.11.9/argocd-test.html) | 0 | 1 | 9 | 0 | -| [ui/yarn.lock](v2.11.9/argocd-test.html) | 0 | 0 | 0 | 0 | -| [dex:v2.38.0](v2.11.9/ghcr.io_dexidp_dex_v2.38.0.html) | 0 | 0 | 6 | 6 | -| [haproxy:2.6.14-alpine](v2.11.9/haproxy_2.6.14-alpine.html) | 0 | 1 | 7 | 6 | -| [argocd:v2.11.9](v2.11.9/quay.io_argoproj_argocd_v2.11.9.html) | 0 | 0 | 4 | 17 | -| [redis:7.0.15-alpine](v2.11.9/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | -| [install.yaml](v2.11.9/argocd-iac-install.html) | - | - | - | - | -| [namespace-install.yaml](v2.11.9/argocd-iac-namespace-install.html) | - | - | - | - | +| [go.mod](v2.11.11/argocd-test.html) | 0 | 1 | 9 | 0 | +| [ui/yarn.lock](v2.11.11/argocd-test.html) | 0 | 0 | 0 | 0 | +| [dex:v2.38.0](v2.11.11/ghcr.io_dexidp_dex_v2.38.0.html) | 0 | 0 | 6 | 6 | +| [haproxy:2.6.14-alpine](v2.11.11/haproxy_2.6.14-alpine.html) | 0 | 1 | 7 | 6 | +| [argocd:v2.11.11](v2.11.11/quay.io_argoproj_argocd_v2.11.11.html) | 0 | 0 | 3 | 18 | +| [redis:7.0.15-alpine](v2.11.11/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | +| [install.yaml](v2.11.11/argocd-iac-install.html) | - | - | - | - | +| [namespace-install.yaml](v2.11.11/argocd-iac-namespace-install.html) | - | - | - | - | -### v2.10.17 +### v2.10.18 | | Critical | High | Medium | Low | |---:|:--------:|:----:|:------:|:---:| -| [go.mod](v2.10.17/argocd-test.html) | 0 | 1 | 9 | 0 | -| [ui/yarn.lock](v2.10.17/argocd-test.html) | 0 | 0 | 0 | 0 | -| [dex:v2.37.0](v2.10.17/ghcr.io_dexidp_dex_v2.37.0.html) | 1 | 1 | 10 | 6 | -| [haproxy:2.6.14-alpine](v2.10.17/haproxy_2.6.14-alpine.html) | 0 | 1 | 7 | 6 | -| [argocd:v2.10.17](v2.10.17/quay.io_argoproj_argocd_v2.10.17.html) | 0 | 0 | 4 | 17 | -| [redis:7.0.15-alpine](v2.10.17/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | -| [install.yaml](v2.10.17/argocd-iac-install.html) | - | - | - | - | -| [namespace-install.yaml](v2.10.17/argocd-iac-namespace-install.html) | - | - | - | - | +| [go.mod](v2.10.18/argocd-test.html) | 0 | 1 | 9 | 0 | +| [ui/yarn.lock](v2.10.18/argocd-test.html) | 0 | 0 | 0 | 0 | +| [dex:v2.37.0](v2.10.18/ghcr.io_dexidp_dex_v2.37.0.html) | 1 | 1 | 10 | 6 | +| [haproxy:2.6.14-alpine](v2.10.18/haproxy_2.6.14-alpine.html) | 0 | 1 | 7 | 6 | +| [argocd:v2.10.18](v2.10.18/quay.io_argoproj_argocd_v2.10.18.html) | 0 | 0 | 3 | 18 | +| [redis:7.0.15-alpine](v2.10.18/redis_7.0.15-alpine.html) | 0 | 0 | 0 | 0 | +| [install.yaml](v2.10.18/argocd-iac-install.html) | - | - | - | - | +| [namespace-install.yaml](v2.10.18/argocd-iac-namespace-install.html) | - | - | - | - | diff --git a/docs/snyk/master/argocd-iac-install.html b/docs/snyk/master/argocd-iac-install.html index 075b7526a6028..4322fc0c9e5a5 100644 --- a/docs/snyk/master/argocd-iac-install.html +++ b/docs/snyk/master/argocd-iac-install.html @@ -456,7 +456,7 @@

Snyk test report

-

October 13th 2024, 12:21:16 am (UTC+00:00)

+

October 20th 2024, 12:21:37 am (UTC+00:00)

Scanned the following path: @@ -881,7 +881,7 @@

Container could be running with outdated image

  • - Line number: 23521 + Line number: 23527
    • @@ -933,7 +933,7 @@

    Container could be running with outdated image

  • - Line number: 23828 + Line number: 23834
    • @@ -1049,7 +1049,7 @@

    Container has no CPU limit

  • - Line number: 23323 + Line number: 23329
    • @@ -1107,7 +1107,7 @@

    Container has no CPU limit

  • - Line number: 23277 + Line number: 23283
    • @@ -1165,7 +1165,7 @@

    Container has no CPU limit

  • - Line number: 23385 + Line number: 23391
    • @@ -1223,7 +1223,7 @@

    Container has no CPU limit

  • - Line number: 23492 + Line number: 23498
    • @@ -1281,7 +1281,7 @@

    Container has no CPU limit

  • - Line number: 23516 + Line number: 23522
    • @@ -1339,7 +1339,7 @@

    Container has no CPU limit

  • - Line number: 23828 + Line number: 23834
    • @@ -1397,7 +1397,7 @@

    Container has no CPU limit

  • - Line number: 23575 + Line number: 23581
    • @@ -1455,7 +1455,7 @@

    Container has no CPU limit

  • - Line number: 23915 + Line number: 23921
    • @@ -1513,7 +1513,7 @@

    Container has no CPU limit

  • - Line number: 24307 + Line number: 24313
    • @@ -1565,7 +1565,7 @@

    Container is running with multiple open ports

  • - Line number: 23303 + Line number: 23309
    • @@ -1669,7 +1669,7 @@

    Container is running without liveness probe

  • - Line number: 23277 + Line number: 23283
    • @@ -1721,7 +1721,7 @@

    Container is running without liveness probe

  • - Line number: 23492 + Line number: 23498
    • @@ -1837,7 +1837,7 @@

    Container is running without memory limit

  • - Line number: 23277 + Line number: 23283
    • @@ -1895,7 +1895,7 @@

    Container is running without memory limit

  • - Line number: 23323 + Line number: 23329
    • @@ -1953,7 +1953,7 @@

    Container is running without memory limit

  • - Line number: 23385 + Line number: 23391
    • @@ -2011,7 +2011,7 @@

    Container is running without memory limit

  • - Line number: 23492 + Line number: 23498
    • @@ -2069,7 +2069,7 @@

    Container is running without memory limit

  • - Line number: 23516 + Line number: 23522
    • @@ -2127,7 +2127,7 @@

    Container is running without memory limit

  • - Line number: 23828 + Line number: 23834
    • @@ -2185,7 +2185,7 @@

    Container is running without memory limit

  • - Line number: 23575 + Line number: 23581
    • @@ -2243,7 +2243,7 @@

    Container is running without memory limit

  • - Line number: 23915 + Line number: 23921
    • @@ -2301,7 +2301,7 @@

    Container is running without memory limit

  • - Line number: 24307 + Line number: 24313
    • @@ -2357,7 +2357,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 23199 + Line number: 23205
    • @@ -2413,7 +2413,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 23331 + Line number: 23337
    • @@ -2469,7 +2469,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 23306 + Line number: 23312
    • @@ -2525,7 +2525,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 23424 + Line number: 23430
    • @@ -2581,7 +2581,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 23509 + Line number: 23515
    • @@ -2637,7 +2637,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 23523 + Line number: 23529
    • @@ -2693,7 +2693,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 23835 + Line number: 23841
    • @@ -2749,7 +2749,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 23801 + Line number: 23807
    • @@ -2805,7 +2805,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 24206 + Line number: 24212
    • @@ -2861,7 +2861,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 24526 + Line number: 24532
    • diff --git a/docs/snyk/master/argocd-iac-namespace-install.html b/docs/snyk/master/argocd-iac-namespace-install.html index 75682876520be..85421946d6192 100644 --- a/docs/snyk/master/argocd-iac-namespace-install.html +++ b/docs/snyk/master/argocd-iac-namespace-install.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    October 13th 2024, 12:21:25 am (UTC+00:00)

    +

    October 20th 2024, 12:21:46 am (UTC+00:00)

    Scanned the following path: @@ -835,7 +835,7 @@

    Container could be running with outdated image

  • - Line number: 1150 + Line number: 1156
    • @@ -887,7 +887,7 @@

    Container could be running with outdated image

  • - Line number: 1457 + Line number: 1463
    • @@ -1003,7 +1003,7 @@

    Container has no CPU limit

  • - Line number: 952 + Line number: 958
    • @@ -1061,7 +1061,7 @@

    Container has no CPU limit

  • - Line number: 906 + Line number: 912
    • @@ -1119,7 +1119,7 @@

    Container has no CPU limit

  • - Line number: 1014 + Line number: 1020
    • @@ -1177,7 +1177,7 @@

    Container has no CPU limit

  • - Line number: 1121 + Line number: 1127
    • @@ -1235,7 +1235,7 @@

    Container has no CPU limit

  • - Line number: 1145 + Line number: 1151
    • @@ -1293,7 +1293,7 @@

    Container has no CPU limit

  • - Line number: 1457 + Line number: 1463
    • @@ -1351,7 +1351,7 @@

    Container has no CPU limit

  • - Line number: 1204 + Line number: 1210
    • @@ -1409,7 +1409,7 @@

    Container has no CPU limit

  • - Line number: 1544 + Line number: 1550
    • @@ -1467,7 +1467,7 @@

    Container has no CPU limit

  • - Line number: 1936 + Line number: 1942
    • @@ -1519,7 +1519,7 @@

    Container is running with multiple open ports

  • - Line number: 932 + Line number: 938
    • @@ -1623,7 +1623,7 @@

    Container is running without liveness probe

  • - Line number: 906 + Line number: 912
    • @@ -1675,7 +1675,7 @@

    Container is running without liveness probe

  • - Line number: 1121 + Line number: 1127
    • @@ -1791,7 +1791,7 @@

    Container is running without memory limit

  • - Line number: 906 + Line number: 912
    • @@ -1849,7 +1849,7 @@

    Container is running without memory limit

  • - Line number: 952 + Line number: 958
    • @@ -1907,7 +1907,7 @@

    Container is running without memory limit

  • - Line number: 1014 + Line number: 1020
    • @@ -1965,7 +1965,7 @@

    Container is running without memory limit

  • - Line number: 1121 + Line number: 1127
    • @@ -2023,7 +2023,7 @@

    Container is running without memory limit

  • - Line number: 1145 + Line number: 1151
    • @@ -2081,7 +2081,7 @@

    Container is running without memory limit

  • - Line number: 1457 + Line number: 1463
    • @@ -2139,7 +2139,7 @@

    Container is running without memory limit

  • - Line number: 1204 + Line number: 1210
    • @@ -2197,7 +2197,7 @@

    Container is running without memory limit

  • - Line number: 1544 + Line number: 1550
    • @@ -2255,7 +2255,7 @@

    Container is running without memory limit

  • - Line number: 1936 + Line number: 1942
    • @@ -2311,7 +2311,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 828 + Line number: 834
    • @@ -2367,7 +2367,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 960 + Line number: 966
    • @@ -2423,7 +2423,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 935 + Line number: 941
    • @@ -2479,7 +2479,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 1053 + Line number: 1059
    • @@ -2535,7 +2535,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 1138 + Line number: 1144
    • @@ -2591,7 +2591,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 1152 + Line number: 1158
    • @@ -2647,7 +2647,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 1464 + Line number: 1470
    • @@ -2703,7 +2703,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 1430 + Line number: 1436
    • @@ -2759,7 +2759,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 1835 + Line number: 1841
    • @@ -2815,7 +2815,7 @@

    Container's or Pod's UID could clash with hos
  • - Line number: 2155 + Line number: 2161
    • diff --git a/docs/snyk/master/argocd-test.html b/docs/snyk/master/argocd-test.html index f33f07d3731b0..9dca5000de72a 100644 --- a/docs/snyk/master/argocd-test.html +++ b/docs/snyk/master/argocd-test.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    October 13th 2024, 12:19:05 am (UTC+00:00)

    +

    October 20th 2024, 12:19:25 am (UTC+00:00)

    Scanned the following paths: @@ -722,7 +722,7 @@

    Detailed paths

    Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/xanzy/go-gitlab@0.111.0 + github.com/xanzy/go-gitlab@0.112.0 github.com/hashicorp/go-retryablehttp@0.7.7 @@ -928,7 +928,7 @@

    Detailed paths

    Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/xanzy/go-gitlab@0.111.0 + github.com/xanzy/go-gitlab@0.112.0 github.com/hashicorp/go-cleanhttp@0.5.2 @@ -939,7 +939,7 @@

    Detailed paths

    Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/xanzy/go-gitlab@0.111.0 + github.com/xanzy/go-gitlab@0.112.0 github.com/hashicorp/go-retryablehttp@0.7.7 diff --git a/docs/snyk/master/ghcr.io_dexidp_dex_v2.41.1.html b/docs/snyk/master/ghcr.io_dexidp_dex_v2.41.1.html index ffb9694f98849..af9476048567f 100644 --- a/docs/snyk/master/ghcr.io_dexidp_dex_v2.41.1.html +++ b/docs/snyk/master/ghcr.io_dexidp_dex_v2.41.1.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    October 13th 2024, 12:19:16 am (UTC+00:00)

    +

    October 20th 2024, 12:19:34 am (UTC+00:00)

    Scanned the following paths: diff --git a/docs/snyk/master/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html b/docs/snyk/master/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html index f5255bccf8dfe..95a6d5cec0fcc 100644 --- a/docs/snyk/master/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html +++ b/docs/snyk/master/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    October 13th 2024, 12:19:22 am (UTC+00:00)

    +

    October 20th 2024, 12:19:39 am (UTC+00:00)

    Scanned the following path: diff --git a/docs/snyk/master/public.ecr.aws_docker_library_redis_7.0.15-alpine.html b/docs/snyk/master/public.ecr.aws_docker_library_redis_7.0.15-alpine.html index 5ec0e40f81b8a..7efc9be476df6 100644 --- a/docs/snyk/master/public.ecr.aws_docker_library_redis_7.0.15-alpine.html +++ b/docs/snyk/master/public.ecr.aws_docker_library_redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    October 13th 2024, 12:19:27 am (UTC+00:00)

    +

    October 20th 2024, 12:19:49 am (UTC+00:00)

    Scanned the following paths: diff --git a/docs/snyk/master/quay.io_argoproj_argocd_latest.html b/docs/snyk/master/quay.io_argoproj_argocd_latest.html index 2536e7e77ebd9..54f6cb221c4bc 100644 --- a/docs/snyk/master/quay.io_argoproj_argocd_latest.html +++ b/docs/snyk/master/quay.io_argoproj_argocd_latest.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    October 13th 2024, 12:19:45 am (UTC+00:00)

    +

    October 20th 2024, 12:20:08 am (UTC+00:00)

    Scanned the following paths: @@ -480,204 +480,6 @@

    Snyk test report

    -
    -

    CVE-2024-41996

    -
    - -
    - medium severity -
    - -
    - -
      -
    • - Manifest file: quay.io/argoproj/argocd:latest/argoproj/argocd Dockerfile -
      • -
    • - Package Manager: ubuntu:24.04 -
      • -
    • - Vulnerable module: - - openssl/libssl3t64 -
      • - -
    • Introduced through: - - docker-image|quay.io/argoproj/argocd@latest and openssl/libssl3t64@3.0.13-0ubuntu3.4 - -
      • -
    - -
    - - -

    Detailed paths

    - -
      -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - coreutils@9.4-3ubuntu6 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - cyrus-sasl2/libsasl2-modules@2.1.28+dfsg1-5ubuntu3.1 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - libfido2/libfido2-1@1.14.0-1build3 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - openssh/openssh-client@1:9.6p1-3ubuntu13.5 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - ca-certificates@20240203 - - openssl@3.0.13-0ubuntu3.4 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - git@1:2.43.0-1ubuntu7.1 - - curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 - - libssh/libssh-4@0.10.6-2build2 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - git@1:2.43.0-1ubuntu7.1 - - curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 - - krb5/libgssapi-krb5-2@1.20.1-6ubuntu2.1 - - krb5/libkrb5-3@1.20.1-6ubuntu2.1 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - git@1:2.43.0-1ubuntu7.1 - - curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 - - openldap/libldap2@2.6.7+dfsg-1~exp1ubuntu8 - - cyrus-sasl2/libsasl2-2@2.1.28+dfsg1-5ubuntu3.1 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - openssl@3.0.13-0ubuntu3.4 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - ca-certificates@20240203 - - openssl@3.0.13-0ubuntu3.4 - - - -
      • -
    - -
    - -
    - -

    NVD Description

    -

    Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. - See How to fix? for Ubuntu:24.04 relevant fixed versions and status.

    -

    Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.

    -

    Remediation

    -

    There is no fixed version for Ubuntu:24.04 openssl.

    -

    References

    - - -
    - -
    -

    More about this vulnerability

    -
    - -

    Information Exposure

    @@ -1613,6 +1415,204 @@

    References

    More about this vulnerability

    +
    +
    +

    CVE-2024-41996

    +
    + +
    + low severity +
    + +
    + +
      +
    • + Manifest file: quay.io/argoproj/argocd:latest/argoproj/argocd Dockerfile +
      • +
    • + Package Manager: ubuntu:24.04 +
      • +
    • + Vulnerable module: + + openssl/libssl3t64 +
      • + +
    • Introduced through: + + docker-image|quay.io/argoproj/argocd@latest and openssl/libssl3t64@3.0.13-0ubuntu3.4 + +
      • +
    + +
    + + +

    Detailed paths

    + +
      +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + coreutils@9.4-3ubuntu6 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + cyrus-sasl2/libsasl2-modules@2.1.28+dfsg1-5ubuntu3.1 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + libfido2/libfido2-1@1.14.0-1build3 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + openssh/openssh-client@1:9.6p1-3ubuntu13.5 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + ca-certificates@20240203 + + openssl@3.0.13-0ubuntu3.4 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + git@1:2.43.0-1ubuntu7.1 + + curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 + + libssh/libssh-4@0.10.6-2build2 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + git@1:2.43.0-1ubuntu7.1 + + curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 + + krb5/libgssapi-krb5-2@1.20.1-6ubuntu2.1 + + krb5/libkrb5-3@1.20.1-6ubuntu2.1 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + git@1:2.43.0-1ubuntu7.1 + + curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 + + openldap/libldap2@2.6.7+dfsg-1~exp1ubuntu8 + + cyrus-sasl2/libsasl2-2@2.1.28+dfsg1-5ubuntu3.1 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + openssl@3.0.13-0ubuntu3.4 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + ca-certificates@20240203 + + openssl@3.0.13-0ubuntu3.4 + + + +
      • +
    + +
    + +
    + +

    NVD Description

    +

    Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. + See How to fix? for Ubuntu:24.04 relevant fixed versions and status.

    +

    Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.

    +

    Remediation

    +

    There is no fixed version for Ubuntu:24.04 openssl.

    +

    References

    + + +
    + +
    +

    More about this vulnerability

    +
    +

    CVE-2024-26458

    diff --git a/docs/snyk/master/redis_7.0.15-alpine.html b/docs/snyk/master/redis_7.0.15-alpine.html index 652c76bb20a99..dda5c2e94451f 100644 --- a/docs/snyk/master/redis_7.0.15-alpine.html +++ b/docs/snyk/master/redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    October 13th 2024, 12:19:49 am (UTC+00:00)

    +

    October 20th 2024, 12:20:12 am (UTC+00:00)

    Scanned the following paths: diff --git a/docs/snyk/v2.10.17/argocd-iac-install.html b/docs/snyk/v2.10.18/argocd-iac-install.html similarity index 99% rename from docs/snyk/v2.10.17/argocd-iac-install.html rename to docs/snyk/v2.10.18/argocd-iac-install.html index 658cbaf60aa30..6cc1d282b71bd 100644 --- a/docs/snyk/v2.10.17/argocd-iac-install.html +++ b/docs/snyk/v2.10.18/argocd-iac-install.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    October 13th 2024, 12:30:32 am (UTC+00:00)

    +

    October 20th 2024, 12:30:43 am (UTC+00:00)

    Scanned the following path: diff --git a/docs/snyk/v2.10.17/argocd-iac-namespace-install.html b/docs/snyk/v2.10.18/argocd-iac-namespace-install.html similarity index 99% rename from docs/snyk/v2.10.17/argocd-iac-namespace-install.html rename to docs/snyk/v2.10.18/argocd-iac-namespace-install.html index ea5452d9f7e4d..b8bcbd19def14 100644 --- a/docs/snyk/v2.10.17/argocd-iac-namespace-install.html +++ b/docs/snyk/v2.10.18/argocd-iac-namespace-install.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    October 13th 2024, 12:30:40 am (UTC+00:00)

    +

    October 20th 2024, 12:30:51 am (UTC+00:00)

    Scanned the following path: diff --git a/docs/snyk/v2.10.17/argocd-test.html b/docs/snyk/v2.10.18/argocd-test.html similarity index 99% rename from docs/snyk/v2.10.17/argocd-test.html rename to docs/snyk/v2.10.18/argocd-test.html index 325e120b9330d..a65fe116e12c1 100644 --- a/docs/snyk/v2.10.17/argocd-test.html +++ b/docs/snyk/v2.10.18/argocd-test.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    October 13th 2024, 12:28:41 am (UTC+00:00)

    +

    October 20th 2024, 12:28:51 am (UTC+00:00)

    Scanned the following paths: diff --git a/docs/snyk/v2.10.17/ghcr.io_dexidp_dex_v2.37.0.html b/docs/snyk/v2.10.18/ghcr.io_dexidp_dex_v2.37.0.html similarity index 99% rename from docs/snyk/v2.10.17/ghcr.io_dexidp_dex_v2.37.0.html rename to docs/snyk/v2.10.18/ghcr.io_dexidp_dex_v2.37.0.html index c0798250daec3..31b5561fe2be1 100644 --- a/docs/snyk/v2.10.17/ghcr.io_dexidp_dex_v2.37.0.html +++ b/docs/snyk/v2.10.18/ghcr.io_dexidp_dex_v2.37.0.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    October 13th 2024, 12:28:48 am (UTC+00:00)

    +

    October 20th 2024, 12:28:58 am (UTC+00:00)

    Scanned the following paths: @@ -1454,7 +1454,7 @@

    NVD Description

    it to ignore empty associated data entries which are unauthenticated as a consequence.

    Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing + authenticate empty data entries as associated data can be misled by removing, adding or reordering such empty entries as these are ignored by the OpenSSL implementation. We are currently unaware of any such applications.

    The AES-SIV algorithm allows for authentication of multiple associated @@ -2752,7 +2752,7 @@

    References

  • Google Groups Forum
  • Jenkins Advisory
  • Security Release
    • -
  • Nuclei Templates
    • +
  • Nuclei Templates
    • diff --git a/docs/snyk/v2.11.9/haproxy_2.6.14-alpine.html b/docs/snyk/v2.10.18/haproxy_2.6.14-alpine.html similarity index 99% rename from docs/snyk/v2.11.9/haproxy_2.6.14-alpine.html rename to docs/snyk/v2.10.18/haproxy_2.6.14-alpine.html index ef9d55e7de21e..426349716c92d 100644 --- a/docs/snyk/v2.11.9/haproxy_2.6.14-alpine.html +++ b/docs/snyk/v2.10.18/haproxy_2.6.14-alpine.html @@ -456,7 +456,7 @@

    Snyk test report

    -

    October 13th 2024, 12:26:43 am (UTC+00:00)

    +

    October 20th 2024, 12:29:02 am (UTC+00:00)

    Scanned the following path: diff --git a/docs/snyk/v2.10.17/quay.io_argoproj_argocd_v2.10.17.html b/docs/snyk/v2.10.18/quay.io_argoproj_argocd_v2.10.18.html similarity index 97% rename from docs/snyk/v2.10.17/quay.io_argoproj_argocd_v2.10.17.html rename to docs/snyk/v2.10.18/quay.io_argoproj_argocd_v2.10.18.html index 907ef04ed64a9..5e096cd03347e 100644 --- a/docs/snyk/v2.10.17/quay.io_argoproj_argocd_v2.10.17.html +++ b/docs/snyk/v2.10.18/quay.io_argoproj_argocd_v2.10.18.html @@ -456,16 +456,16 @@

    Snyk test report

    -

    October 13th 2024, 12:29:09 am (UTC+00:00)

    +

    October 20th 2024, 12:29:19 am (UTC+00:00)

    Scanned the following paths:
      -
    • quay.io/argoproj/argocd:v2.10.17/argoproj/argocd/Dockerfile (deb)
      • -
    • quay.io/argoproj/argocd:v2.10.17/argoproj/argo-cd/v2//usr/local/bin/argocd (gomodules)
      • -
    • quay.io/argoproj/argocd:v2.10.17//usr/local/bin/kustomize (gomodules)
      • -
    • quay.io/argoproj/argocd:v2.10.17/helm/v3//usr/local/bin/helm (gomodules)
      • -
    • quay.io/argoproj/argocd:v2.10.17/git-lfs/git-lfs//usr/bin/git-lfs (gomodules)
      • +
    • quay.io/argoproj/argocd:v2.10.18/argoproj/argocd/Dockerfile (deb)
      • +
    • quay.io/argoproj/argocd:v2.10.18/argoproj/argo-cd/v2//usr/local/bin/argocd (gomodules)
      • +
    • quay.io/argoproj/argocd:v2.10.18//usr/local/bin/kustomize (gomodules)
      • +
    • quay.io/argoproj/argocd:v2.10.18/helm/v3//usr/local/bin/helm (gomodules)
      • +
    • quay.io/argoproj/argocd:v2.10.18/git-lfs/git-lfs//usr/bin/git-lfs (gomodules)
    @@ -492,7 +492,7 @@

    Allocation of Resources Without Limits or Throttling

  • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argo-cd/v2 /usr/local/bin/argocd
  • Package Manager: golang @@ -559,182 +559,6 @@

    References

    More about this vulnerability

    • -
    -
    -

    CVE-2024-41996

    -
    - -
    - medium severity -
    - -
    - -
      -
    • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile -
      • -
    • - Package Manager: ubuntu:22.04 -
      • -
    • - Vulnerable module: - - openssl/libssl3 -
      • - -
    • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.10.17 and openssl/libssl3@3.0.2-0ubuntu1.18 - -
      • -
    - -
    - - -

    Detailed paths

    - -
      -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 - - cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 - - libfido2/libfido2-1@1.10.0-1 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 - - openssh/openssh-client@1:8.9p1-3ubuntu0.10 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 - - ca-certificates@20240203~22.04.1 - - openssl@3.0.2-0ubuntu1.18 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 - - git@1:2.34.1-1ubuntu1.11 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.18 - - libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - pam/libpam-modules@1.4.0-11ubuntu2.4 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - - krb5/libkrb5-3@1.19.2-2ubuntu0.4 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 - - openssl@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 - - ca-certificates@20240203~22.04.1 - - openssl@3.0.2-0ubuntu1.18 - - - -
      • -
    - -
    - -
    - -

    NVD Description

    -

    Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

    -

    Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.

    -

    Remediation

    -

    There is no fixed version for Ubuntu:22.04 openssl.

    -

    References

    - - -
    - -
    -

    More about this vulnerability

    -
    -

    Information Exposure

    @@ -748,7 +572,7 @@

    Information Exposure

    • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -761,7 +585,7 @@

      Information Exposure

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and libgcrypt20@1.9.4-3ubuntu3 + docker-image|quay.io/argoproj/argocd@v2.10.18 and libgcrypt20@1.9.4-3ubuntu3
    @@ -774,7 +598,7 @@

    Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 libgcrypt20@1.9.4-3ubuntu3 @@ -783,7 +607,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/dirmngr@2.2.27-3ubuntu2.1 @@ -794,7 +618,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -805,7 +629,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 apt@2.4.13 @@ -818,7 +642,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 apt@2.4.13 @@ -831,7 +655,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -844,7 +668,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -857,7 +681,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -870,7 +694,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -883,7 +707,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -896,7 +720,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -909,7 +733,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 apt@2.4.13 @@ -961,7 +785,7 @@

      CVE-2024-26462

      • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
      • Package Manager: ubuntu:22.04 @@ -974,7 +798,7 @@

        CVE-2024-26462

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and krb5/libk5crypto3@1.19.2-2ubuntu0.4 + docker-image|quay.io/argoproj/argocd@v2.10.18 and krb5/libk5crypto3@1.19.2-2ubuntu0.4
      @@ -987,7 +811,7 @@

      Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libk5crypto3@1.19.2-2ubuntu0.4 @@ -996,7 +820,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -1017,7 +841,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -1040,7 +864,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libkrb5-3@1.19.2-2ubuntu0.4 @@ -1049,7 +873,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -1070,7 +894,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 @@ -1079,7 +903,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 openssh/openssh-client@1:8.9p1-3ubuntu0.10 @@ -1090,7 +914,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 git@1:2.34.1-1ubuntu1.11 @@ -1103,7 +927,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 git@1:2.34.1-1ubuntu1.11 @@ -1118,7 +942,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -1137,7 +961,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libkrb5support0@1.19.2-2ubuntu0.4 @@ -1182,7 +1006,7 @@

        LGPL-3.0 license

        • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argo-cd/v2 /usr/local/bin/argocd
        • Package Manager: golang @@ -1242,7 +1066,7 @@

          Denial of Service (DoS)

          • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argo-cd/v2 /usr/local/bin/argocd
          • Package Manager: golang @@ -1352,7 +1176,7 @@

            MPL-2.0 license

            • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argo-cd/v2 /usr/local/bin/argocd
            • Package Manager: golang @@ -1412,7 +1236,7 @@

              MPL-2.0 license

              • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argo-cd/v2 /usr/local/bin/argocd
              • Package Manager: golang @@ -1472,7 +1296,7 @@

                MPL-2.0 license

                • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argo-cd/v2 /usr/local/bin/argocd
                • Package Manager: golang @@ -1532,7 +1356,7 @@

                  MPL-2.0 license

                  • - Manifest file: quay.io/argoproj/argocd:v2.10.17/helm/v3 /usr/local/bin/helm + Manifest file: quay.io/argoproj/argocd:v2.10.18/helm/v3 /usr/local/bin/helm
                  • Package Manager: golang @@ -1592,7 +1416,7 @@

                    MPL-2.0 license

                    • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argo-cd/v2 /usr/local/bin/argocd
                    • Package Manager: golang @@ -1652,7 +1476,7 @@

                      MPL-2.0 license

                      • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argo-cd/v2 /usr/local/bin/argocd
                      • Package Manager: golang @@ -1712,7 +1536,7 @@

                        CVE-2023-4039

                        • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
                        • Package Manager: ubuntu:22.04 @@ -1725,7 +1549,7 @@

                          CVE-2023-4039

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 + docker-image|quay.io/argoproj/argocd@v2.10.18 and gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04
                        @@ -1738,7 +1562,7 @@

                        Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 @@ -1747,7 +1571,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 apt@2.4.13 @@ -1758,7 +1582,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 apt@2.4.13 @@ -1771,7 +1595,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gcc-12/gcc-12-base@12.3.0-1ubuntu1~22.04 @@ -1780,7 +1604,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gcc-12/libgcc-s1@12.3.0-1ubuntu1~22.04 @@ -1837,7 +1661,7 @@

                          CVE-2023-7008

                          • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
                          • Package Manager: ubuntu:22.04 @@ -1850,7 +1674,7 @@

                            CVE-2023-7008

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and systemd/libsystemd0@249.11-0ubuntu3.12 + docker-image|quay.io/argoproj/argocd@v2.10.18 and systemd/libsystemd0@249.11-0ubuntu3.12
                          @@ -1863,7 +1687,7 @@

                          Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 systemd/libsystemd0@249.11-0ubuntu3.12 @@ -1872,7 +1696,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 apt@2.4.13 @@ -1883,7 +1707,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 procps/libprocps8@2:3.3.17-6ubuntu2.1 @@ -1894,7 +1718,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 util-linux@2.37.2-4ubuntu3.4 @@ -1905,7 +1729,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 util-linux/bsdutils@1:2.37.2-4ubuntu3.4 @@ -1916,7 +1740,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 apt@2.4.13 @@ -1929,7 +1753,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 systemd/libudev1@249.11-0ubuntu3.12 @@ -1938,7 +1762,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 libfido2/libfido2-1@1.10.0-1 @@ -1949,7 +1773,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 util-linux@2.37.2-4ubuntu3.4 @@ -1960,7 +1784,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 apt@2.4.13 @@ -2015,7 +1839,7 @@

                            Arbitrary Code Injection

                            • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
                            • Package Manager: ubuntu:22.04 @@ -2028,7 +1852,7 @@

                              Arbitrary Code Injection

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and shadow/passwd@1:4.8.1-2ubuntu2.2 + docker-image|quay.io/argoproj/argocd@v2.10.18 and shadow/passwd@1:4.8.1-2ubuntu2.2
                            @@ -2041,7 +1865,7 @@

                            Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 shadow/passwd@1:4.8.1-2ubuntu2.2 @@ -2050,7 +1874,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -2061,7 +1885,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 openssh/openssh-client@1:8.9p1-3ubuntu0.10 @@ -2072,7 +1896,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 shadow/login@1:4.8.1-2ubuntu2.2 @@ -2119,7 +1943,7 @@

                              Uncontrolled Recursion

                              • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
                              • Package Manager: ubuntu:22.04 @@ -2132,7 +1956,7 @@

                                Uncontrolled Recursion

                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1 + docker-image|quay.io/argoproj/argocd@v2.10.18 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1
                              @@ -2145,7 +1969,7 @@

                              Detailed paths

                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1 @@ -2154,7 +1978,7 @@

                                Detailed paths

                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 grep@3.7-1build1 @@ -2207,7 +2031,7 @@

                                Integer Overflow or Wraparound

                                • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
                                • Package Manager: ubuntu:22.04 @@ -2220,7 +2044,7 @@

                                  Integer Overflow or Wraparound

                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and pcre2/libpcre2-8-0@10.39-3ubuntu0.1 + docker-image|quay.io/argoproj/argocd@v2.10.18 and pcre2/libpcre2-8-0@10.39-3ubuntu0.1
                                @@ -2233,7 +2057,7 @@

                                Detailed paths

                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 pcre2/libpcre2-8-0@10.39-3ubuntu0.1 @@ -2278,7 +2102,7 @@

                                  Release of Invalid Pointer or Reference

                                  • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
                                  • Package Manager: ubuntu:22.04 @@ -2291,7 +2115,7 @@

                                    Release of Invalid Pointer or Reference

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and patch@2.7.6-7build2 + docker-image|quay.io/argoproj/argocd@v2.10.18 and patch@2.7.6-7build2
                                  @@ -2304,7 +2128,7 @@

                                  Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 patch@2.7.6-7build2 @@ -2348,7 +2172,7 @@

                                    Double Free

                                    • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
                                    • Package Manager: ubuntu:22.04 @@ -2361,7 +2185,7 @@

                                      Double Free

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and patch@2.7.6-7build2 + docker-image|quay.io/argoproj/argocd@v2.10.18 and patch@2.7.6-7build2
                                    @@ -2374,7 +2198,7 @@

                                    Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 patch@2.7.6-7build2 @@ -2410,6 +2234,182 @@

                                      References

                                      More about this vulnerability

    +
    +
    +

    CVE-2024-41996

    +
    + +
    + low severity +
    + +
    + +
      +
    • + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile +
      • +
    • + Package Manager: ubuntu:22.04 +
      • +
    • + Vulnerable module: + + openssl/libssl3 +
      • + +
    • Introduced through: + + docker-image|quay.io/argoproj/argocd@v2.10.18 and openssl/libssl3@3.0.2-0ubuntu1.18 + +
      • +
    + +
    + + +

    Detailed paths

    + +
      +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.10.18 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.10.18 + + cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.10.18 + + libfido2/libfido2-1@1.10.0-1 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.10.18 + + openssh/openssh-client@1:8.9p1-3ubuntu0.10 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.10.18 + + ca-certificates@20240203~22.04.1 + + openssl@3.0.2-0ubuntu1.18 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.10.18 + + git@1:2.34.1-1ubuntu1.11 + + curl/libcurl3-gnutls@7.81.0-1ubuntu1.18 + + libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.10.18 + + adduser@3.118ubuntu5 + + shadow/passwd@1:4.8.1-2ubuntu2.2 + + pam/libpam-modules@1.4.0-11ubuntu2.4 + + libnsl/libnsl2@1.3.0-2build2 + + libtirpc/libtirpc3@1.3.2-2ubuntu0.1 + + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 + + krb5/libkrb5-3@1.19.2-2ubuntu0.4 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.10.18 + + openssl@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.10.18 + + ca-certificates@20240203~22.04.1 + + openssl@3.0.2-0ubuntu1.18 + + + +
      • +
    + +
    + +
    + +

    NVD Description

    +

    Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. + See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

    +

    Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.

    +

    Remediation

    +

    There is no fixed version for Ubuntu:22.04 openssl.

    +

    References

    + + +
    + +
    +

    More about this vulnerability

    +
    +

    CVE-2023-50495

    @@ -2423,7 +2423,7 @@

    CVE-2023-50495

    • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -2436,7 +2436,7 @@

      CVE-2023-50495

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and ncurses/libtinfo6@6.3-2ubuntu0.1 + docker-image|quay.io/argoproj/argocd@v2.10.18 and ncurses/libtinfo6@6.3-2ubuntu0.1
    @@ -2449,7 +2449,7 @@

    Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/libtinfo6@6.3-2ubuntu0.1 @@ -2458,7 +2458,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 bash@5.1-6ubuntu1.1 @@ -2469,7 +2469,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/libncursesw6@6.3-2ubuntu0.1 @@ -2480,7 +2480,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 less@590-1ubuntu0.22.04.3 @@ -2491,7 +2491,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 libedit/libedit2@3.1-20210910-1build1 @@ -2502,7 +2502,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/libncurses6@6.3-2ubuntu0.1 @@ -2513,7 +2513,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/ncurses-bin@6.3-2ubuntu0.1 @@ -2524,7 +2524,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 procps@2:3.3.17-6ubuntu2.1 @@ -2535,7 +2535,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 util-linux@2.37.2-4ubuntu3.4 @@ -2546,7 +2546,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -2561,7 +2561,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2576,7 +2576,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/libncursesw6@6.3-2ubuntu0.1 @@ -2585,7 +2585,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 procps@2:3.3.17-6ubuntu2.1 @@ -2596,7 +2596,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2611,7 +2611,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/libncurses6@6.3-2ubuntu0.1 @@ -2620,7 +2620,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 procps@2:3.3.17-6ubuntu2.1 @@ -2631,7 +2631,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/ncurses-base@6.3-2ubuntu0.1 @@ -2640,7 +2640,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/ncurses-bin@6.3-2ubuntu0.1 @@ -2687,7 +2687,7 @@

      CVE-2023-45918

      • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
      • Package Manager: ubuntu:22.04 @@ -2700,7 +2700,7 @@

        CVE-2023-45918

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and ncurses/libtinfo6@6.3-2ubuntu0.1 + docker-image|quay.io/argoproj/argocd@v2.10.18 and ncurses/libtinfo6@6.3-2ubuntu0.1
      @@ -2713,7 +2713,7 @@

      Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/libtinfo6@6.3-2ubuntu0.1 @@ -2722,7 +2722,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 bash@5.1-6ubuntu1.1 @@ -2733,7 +2733,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/libncursesw6@6.3-2ubuntu0.1 @@ -2744,7 +2744,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 less@590-1ubuntu0.22.04.3 @@ -2755,7 +2755,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 libedit/libedit2@3.1-20210910-1build1 @@ -2766,7 +2766,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/libncurses6@6.3-2ubuntu0.1 @@ -2777,7 +2777,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/ncurses-bin@6.3-2ubuntu0.1 @@ -2788,7 +2788,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 procps@2:3.3.17-6ubuntu2.1 @@ -2799,7 +2799,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 util-linux@2.37.2-4ubuntu3.4 @@ -2810,7 +2810,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -2825,7 +2825,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2840,7 +2840,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/libncursesw6@6.3-2ubuntu0.1 @@ -2849,7 +2849,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 procps@2:3.3.17-6ubuntu2.1 @@ -2860,7 +2860,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2875,7 +2875,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/libncurses6@6.3-2ubuntu0.1 @@ -2884,7 +2884,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 procps@2:3.3.17-6ubuntu2.1 @@ -2895,7 +2895,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/ncurses-base@6.3-2ubuntu0.1 @@ -2904,7 +2904,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 ncurses/ncurses-bin@6.3-2ubuntu0.1 @@ -2949,7 +2949,7 @@

        Resource Exhaustion

        • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
        • Package Manager: ubuntu:22.04 @@ -2962,7 +2962,7 @@

          Resource Exhaustion

        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and libzstd/libzstd1@1.4.8+dfsg-3build1 + docker-image|quay.io/argoproj/argocd@v2.10.18 and libzstd/libzstd1@1.4.8+dfsg-3build1
        @@ -2975,7 +2975,7 @@

        Detailed paths

        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 libzstd/libzstd1@1.4.8+dfsg-3build1 @@ -3026,7 +3026,7 @@

          Integer Overflow or Wraparound

          • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
          • Package Manager: ubuntu:22.04 @@ -3039,7 +3039,7 @@

            Integer Overflow or Wraparound

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and krb5/libk5crypto3@1.19.2-2ubuntu0.4 + docker-image|quay.io/argoproj/argocd@v2.10.18 and krb5/libk5crypto3@1.19.2-2ubuntu0.4
          @@ -3052,7 +3052,7 @@

          Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libk5crypto3@1.19.2-2ubuntu0.4 @@ -3061,7 +3061,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -3082,7 +3082,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -3105,7 +3105,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libkrb5-3@1.19.2-2ubuntu0.4 @@ -3114,7 +3114,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -3135,7 +3135,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 @@ -3144,7 +3144,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 openssh/openssh-client@1:8.9p1-3ubuntu0.10 @@ -3155,7 +3155,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 git@1:2.34.1-1ubuntu1.11 @@ -3168,7 +3168,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 git@1:2.34.1-1ubuntu1.11 @@ -3183,7 +3183,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -3202,7 +3202,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libkrb5support0@1.19.2-2ubuntu0.4 @@ -3250,7 +3250,7 @@

            CVE-2024-26461

            • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
            • Package Manager: ubuntu:22.04 @@ -3263,7 +3263,7 @@

              CVE-2024-26461

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and krb5/libk5crypto3@1.19.2-2ubuntu0.4 + docker-image|quay.io/argoproj/argocd@v2.10.18 and krb5/libk5crypto3@1.19.2-2ubuntu0.4
            @@ -3276,7 +3276,7 @@

            Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libk5crypto3@1.19.2-2ubuntu0.4 @@ -3285,7 +3285,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -3306,7 +3306,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -3329,7 +3329,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libkrb5-3@1.19.2-2ubuntu0.4 @@ -3338,7 +3338,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -3359,7 +3359,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 @@ -3368,7 +3368,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 openssh/openssh-client@1:8.9p1-3ubuntu0.10 @@ -3379,7 +3379,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 git@1:2.34.1-1ubuntu1.11 @@ -3392,7 +3392,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 git@1:2.34.1-1ubuntu1.11 @@ -3407,7 +3407,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -3426,7 +3426,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libkrb5support0@1.19.2-2ubuntu0.4 @@ -3471,7 +3471,7 @@

              CVE-2024-26458

              • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
              • Package Manager: ubuntu:22.04 @@ -3484,7 +3484,7 @@

                CVE-2024-26458

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and krb5/libk5crypto3@1.19.2-2ubuntu0.4 + docker-image|quay.io/argoproj/argocd@v2.10.18 and krb5/libk5crypto3@1.19.2-2ubuntu0.4
              @@ -3497,7 +3497,7 @@

              Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libk5crypto3@1.19.2-2ubuntu0.4 @@ -3506,7 +3506,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -3527,7 +3527,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -3550,7 +3550,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libkrb5-3@1.19.2-2ubuntu0.4 @@ -3559,7 +3559,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -3580,7 +3580,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 @@ -3589,7 +3589,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 openssh/openssh-client@1:8.9p1-3ubuntu0.10 @@ -3600,7 +3600,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 git@1:2.34.1-1ubuntu1.11 @@ -3613,7 +3613,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 git@1:2.34.1-1ubuntu1.11 @@ -3628,7 +3628,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 adduser@3.118ubuntu5 @@ -3647,7 +3647,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 krb5/libkrb5support0@1.19.2-2ubuntu0.4 @@ -3692,7 +3692,7 @@

                Out-of-bounds Write

                • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
                • Package Manager: ubuntu:22.04 @@ -3705,7 +3705,7 @@

                  Out-of-bounds Write

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and gnupg2/gpgv@2.2.27-3ubuntu2.1 + docker-image|quay.io/argoproj/argocd@v2.10.18 and gnupg2/gpgv@2.2.27-3ubuntu2.1
                @@ -3718,7 +3718,7 @@

                Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gpgv@2.2.27-3ubuntu2.1 @@ -3727,7 +3727,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 apt@2.4.13 @@ -3738,7 +3738,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3749,7 +3749,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/dirmngr@2.2.27-3ubuntu2.1 @@ -3760,7 +3760,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -3771,7 +3771,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3784,7 +3784,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3797,7 +3797,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/dirmngr@2.2.27-3ubuntu2.1 @@ -3806,7 +3806,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3817,7 +3817,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3830,7 +3830,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg-l10n@2.2.27-3ubuntu2.1 @@ -3839,7 +3839,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3850,7 +3850,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg-utils@2.2.27-3ubuntu2.1 @@ -3859,7 +3859,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3870,7 +3870,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -3879,7 +3879,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3890,7 +3890,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3903,7 +3903,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3916,7 +3916,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gpg-agent@2.2.27-3ubuntu2.1 @@ -3925,7 +3925,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3936,7 +3936,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3949,7 +3949,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3962,7 +3962,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 @@ -3971,7 +3971,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3982,7 +3982,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1 @@ -3991,7 +3991,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4002,7 +4002,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gpgsm@2.2.27-3ubuntu2.1 @@ -4011,7 +4011,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4022,7 +4022,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4071,7 +4071,7 @@

                  Allocation of Resources Without Limits or Throttling

                • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
                • Package Manager: ubuntu:22.04 @@ -4084,7 +4084,7 @@

                  Allocation of Resources Without Limits or Throttling

                  Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and glibc/libc-bin@2.35-0ubuntu3.8 + docker-image|quay.io/argoproj/argocd@v2.10.18 and glibc/libc-bin@2.35-0ubuntu3.8
                @@ -4097,7 +4097,7 @@

                Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 glibc/libc-bin@2.35-0ubuntu3.8 @@ -4106,7 +4106,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 glibc/libc6@2.35-0ubuntu3.8 @@ -4152,7 +4152,7 @@

                  Improper Input Validation

                  • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
                  • Package Manager: ubuntu:22.04 @@ -4166,7 +4166,7 @@

                    Improper Input Validation

                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17, git@1:2.34.1-1ubuntu1.11 and others + docker-image|quay.io/argoproj/argocd@v2.10.18, git@1:2.34.1-1ubuntu1.11 and others
                  @@ -4178,7 +4178,7 @@

                  Detailed paths

                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 git@1:2.34.1-1ubuntu1.11 @@ -4189,7 +4189,7 @@

                    Detailed paths

                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 git@1:2.34.1-1ubuntu1.11 @@ -4198,7 +4198,7 @@

                    Detailed paths

                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 git-lfs@3.0.2-1ubuntu0.2 @@ -4245,7 +4245,7 @@

                    Uncontrolled Recursion

                    • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
                    • Package Manager: ubuntu:22.04 @@ -4258,7 +4258,7 @@

                      Uncontrolled Recursion

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 + docker-image|quay.io/argoproj/argocd@v2.10.18 and gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04
                    @@ -4271,7 +4271,7 @@

                    Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 @@ -4280,7 +4280,7 @@

                      Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 apt@2.4.13 @@ -4291,7 +4291,7 @@

                      Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 apt@2.4.13 @@ -4304,7 +4304,7 @@

                      Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gcc-12/gcc-12-base@12.3.0-1ubuntu1~22.04 @@ -4313,7 +4313,7 @@

                      Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 gcc-12/libgcc-s1@12.3.0-1ubuntu1~22.04 @@ -4360,7 +4360,7 @@

                      Improper Input Validation

                      • - Manifest file: quay.io/argoproj/argocd:v2.10.17/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.10.18/argoproj/argocd Dockerfile
                      • Package Manager: ubuntu:22.04 @@ -4373,7 +4373,7 @@

                        Improper Input Validation

                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 and coreutils@8.32-4.1ubuntu1.2 + docker-image|quay.io/argoproj/argocd@v2.10.18 and coreutils@8.32-4.1ubuntu1.2
                      @@ -4386,7 +4386,7 @@

                      Detailed paths

                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.10.17 + docker-image|quay.io/argoproj/argocd@v2.10.18 coreutils@8.32-4.1ubuntu1.2 diff --git a/docs/snyk/v2.10.17/redis_7.0.15-alpine.html b/docs/snyk/v2.10.18/redis_7.0.15-alpine.html similarity index 99% rename from docs/snyk/v2.10.17/redis_7.0.15-alpine.html rename to docs/snyk/v2.10.18/redis_7.0.15-alpine.html index 197242997d776..2dc362eb724f2 100644 --- a/docs/snyk/v2.10.17/redis_7.0.15-alpine.html +++ b/docs/snyk/v2.10.18/redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:29:13 am (UTC+00:00)

                        +

                        October 20th 2024, 12:29:23 am (UTC+00:00)

                        Scanned the following paths: diff --git a/docs/snyk/v2.11.9/argocd-iac-install.html b/docs/snyk/v2.11.11/argocd-iac-install.html similarity index 99% rename from docs/snyk/v2.11.9/argocd-iac-install.html rename to docs/snyk/v2.11.11/argocd-iac-install.html index 78906d004c725..ab61dc13775b0 100644 --- a/docs/snyk/v2.11.9/argocd-iac-install.html +++ b/docs/snyk/v2.11.11/argocd-iac-install.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:28:23 am (UTC+00:00)

                        +

                        October 20th 2024, 12:28:33 am (UTC+00:00)

                        Scanned the following path: diff --git a/docs/snyk/v2.11.9/argocd-iac-namespace-install.html b/docs/snyk/v2.11.11/argocd-iac-namespace-install.html similarity index 99% rename from docs/snyk/v2.11.9/argocd-iac-namespace-install.html rename to docs/snyk/v2.11.11/argocd-iac-namespace-install.html index 7dcba587eae77..7af3d5990438e 100644 --- a/docs/snyk/v2.11.9/argocd-iac-namespace-install.html +++ b/docs/snyk/v2.11.11/argocd-iac-namespace-install.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:28:32 am (UTC+00:00)

                        +

                        October 20th 2024, 12:28:41 am (UTC+00:00)

                        Scanned the following path: diff --git a/docs/snyk/v2.11.9/argocd-test.html b/docs/snyk/v2.11.11/argocd-test.html similarity index 99% rename from docs/snyk/v2.11.9/argocd-test.html rename to docs/snyk/v2.11.11/argocd-test.html index bfa96cabdcf72..2f5dbe407870a 100644 --- a/docs/snyk/v2.11.9/argocd-test.html +++ b/docs/snyk/v2.11.11/argocd-test.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:26:31 am (UTC+00:00)

                        +

                        October 20th 2024, 12:26:40 am (UTC+00:00)

                        Scanned the following paths: diff --git a/docs/snyk/v2.12.4/ghcr.io_dexidp_dex_v2.38.0.html b/docs/snyk/v2.11.11/ghcr.io_dexidp_dex_v2.38.0.html similarity index 99% rename from docs/snyk/v2.12.4/ghcr.io_dexidp_dex_v2.38.0.html rename to docs/snyk/v2.11.11/ghcr.io_dexidp_dex_v2.38.0.html index 97c33626eb53d..85acdde4dcacd 100644 --- a/docs/snyk/v2.12.4/ghcr.io_dexidp_dex_v2.38.0.html +++ b/docs/snyk/v2.11.11/ghcr.io_dexidp_dex_v2.38.0.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:24:20 am (UTC+00:00)

                        +

                        October 20th 2024, 12:26:46 am (UTC+00:00)

                        Scanned the following paths: diff --git a/docs/snyk/v2.10.17/haproxy_2.6.14-alpine.html b/docs/snyk/v2.11.11/haproxy_2.6.14-alpine.html similarity index 99% rename from docs/snyk/v2.10.17/haproxy_2.6.14-alpine.html rename to docs/snyk/v2.11.11/haproxy_2.6.14-alpine.html index 1461d5a9f80c6..40cd45caa2607 100644 --- a/docs/snyk/v2.10.17/haproxy_2.6.14-alpine.html +++ b/docs/snyk/v2.11.11/haproxy_2.6.14-alpine.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:28:52 am (UTC+00:00)

                        +

                        October 20th 2024, 12:26:52 am (UTC+00:00)

                        Scanned the following path: diff --git a/docs/snyk/v2.11.9/quay.io_argoproj_argocd_v2.11.9.html b/docs/snyk/v2.11.11/quay.io_argoproj_argocd_v2.11.11.html similarity index 96% rename from docs/snyk/v2.11.9/quay.io_argoproj_argocd_v2.11.9.html rename to docs/snyk/v2.11.11/quay.io_argoproj_argocd_v2.11.11.html index e9df25c2b2b6d..a8e95aa739c83 100644 --- a/docs/snyk/v2.11.9/quay.io_argoproj_argocd_v2.11.9.html +++ b/docs/snyk/v2.11.11/quay.io_argoproj_argocd_v2.11.11.html @@ -456,16 +456,16 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:27:02 am (UTC+00:00)

                        +

                        October 20th 2024, 12:27:10 am (UTC+00:00)

                        Scanned the following paths:
                          -
                        • quay.io/argoproj/argocd:v2.11.9/argoproj/argocd/Dockerfile (deb)
                          • -
                        • quay.io/argoproj/argocd:v2.11.9/argoproj/argo-cd/v2//usr/local/bin/argocd (gomodules)
                          • -
                        • quay.io/argoproj/argocd:v2.11.9//usr/local/bin/kustomize (gomodules)
                          • -
                        • quay.io/argoproj/argocd:v2.11.9/helm/v3//usr/local/bin/helm (gomodules)
                          • -
                        • quay.io/argoproj/argocd:v2.11.9/git-lfs/git-lfs//usr/bin/git-lfs (gomodules)
                          • +
                        • quay.io/argoproj/argocd:v2.11.11/argoproj/argocd/Dockerfile (deb)
                          • +
                        • quay.io/argoproj/argocd:v2.11.11/argoproj/argo-cd/v2//usr/local/bin/argocd (gomodules)
                          • +
                        • quay.io/argoproj/argocd:v2.11.11//usr/local/bin/kustomize (gomodules)
                          • +
                        • quay.io/argoproj/argocd:v2.11.11/helm/v3//usr/local/bin/helm (gomodules)
                          • +
                        • quay.io/argoproj/argocd:v2.11.11/git-lfs/git-lfs//usr/bin/git-lfs (gomodules)
                        @@ -492,7 +492,7 @@

                        Allocation of Resources Without Limits or Throttling

                      • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argo-cd/v2 /usr/local/bin/argocd
                      • Package Manager: golang @@ -559,182 +559,6 @@

                        References

                        More about this vulnerability

    -
    -
    -

    CVE-2024-41996

    -
    - -
    - medium severity -
    - -
    - -
      -
    • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile -
      • -
    • - Package Manager: ubuntu:22.04 -
      • -
    • - Vulnerable module: - - openssl/libssl3 -
      • - -
    • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.11.9 and openssl/libssl3@3.0.2-0ubuntu1.18 - -
      • -
    - -
    - - -

    Detailed paths

    - -
      -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 - - cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 - - libfido2/libfido2-1@1.10.0-1 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 - - openssh/openssh-client@1:8.9p1-3ubuntu0.10 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 - - ca-certificates@20240203~22.04.1 - - openssl@3.0.2-0ubuntu1.18 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 - - git@1:2.34.1-1ubuntu1.11 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.18 - - libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.2 - - pam/libpam-modules@1.4.0-11ubuntu2.4 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 - - krb5/libkrb5-3@1.19.2-2ubuntu0.4 - - openssl/libssl3@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 - - openssl@3.0.2-0ubuntu1.18 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 - - ca-certificates@20240203~22.04.1 - - openssl@3.0.2-0ubuntu1.18 - - - -
      • -
    - -
    - -
    - -

    NVD Description

    -

    Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

    -

    Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.

    -

    Remediation

    -

    There is no fixed version for Ubuntu:22.04 openssl.

    -

    References

    - - -
    - -
    -

    More about this vulnerability

    -
    -

    Information Exposure

    @@ -748,7 +572,7 @@

    Information Exposure

    • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -761,7 +585,7 @@

      Information Exposure

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and libgcrypt20@1.9.4-3ubuntu3 + docker-image|quay.io/argoproj/argocd@v2.11.11 and libgcrypt20@1.9.4-3ubuntu3
    @@ -774,7 +598,7 @@

    Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 libgcrypt20@1.9.4-3ubuntu3 @@ -783,7 +607,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/dirmngr@2.2.27-3ubuntu2.1 @@ -794,7 +618,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -805,7 +629,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 apt@2.4.13 @@ -818,7 +642,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 apt@2.4.13 @@ -831,7 +655,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -844,7 +668,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -857,7 +681,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -870,7 +694,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -883,7 +707,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -896,7 +720,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -909,7 +733,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 apt@2.4.13 @@ -961,7 +785,7 @@

      CVE-2024-26462

      • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
      • Package Manager: ubuntu:22.04 @@ -974,7 +798,7 @@

        CVE-2024-26462

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and krb5/libk5crypto3@1.19.2-2ubuntu0.4 + docker-image|quay.io/argoproj/argocd@v2.11.11 and krb5/libk5crypto3@1.19.2-2ubuntu0.4
      @@ -987,7 +811,7 @@

      Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libk5crypto3@1.19.2-2ubuntu0.4 @@ -996,7 +820,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -1017,7 +841,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -1040,7 +864,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libkrb5-3@1.19.2-2ubuntu0.4 @@ -1049,7 +873,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -1070,7 +894,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 @@ -1079,7 +903,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 openssh/openssh-client@1:8.9p1-3ubuntu0.10 @@ -1090,7 +914,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 git@1:2.34.1-1ubuntu1.11 @@ -1103,7 +927,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 git@1:2.34.1-1ubuntu1.11 @@ -1118,7 +942,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -1137,7 +961,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libkrb5support0@1.19.2-2ubuntu0.4 @@ -1182,7 +1006,7 @@

        LGPL-3.0 license

        • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argo-cd/v2 /usr/local/bin/argocd
        • Package Manager: golang @@ -1242,7 +1066,7 @@

          Denial of Service (DoS)

          • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argo-cd/v2 /usr/local/bin/argocd
          • Package Manager: golang @@ -1352,7 +1176,7 @@

            MPL-2.0 license

            • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argo-cd/v2 /usr/local/bin/argocd
            • Package Manager: golang @@ -1412,7 +1236,7 @@

              MPL-2.0 license

              • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argo-cd/v2 /usr/local/bin/argocd
              • Package Manager: golang @@ -1472,7 +1296,7 @@

                Insertion of Sensitive Information into Log File

                • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argo-cd/v2 /usr/local/bin/argocd
                • Package Manager: golang @@ -1540,7 +1364,7 @@

                  MPL-2.0 license

                  • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argo-cd/v2 /usr/local/bin/argocd
                  • Package Manager: golang @@ -1600,7 +1424,7 @@

                    MPL-2.0 license

                    • - Manifest file: quay.io/argoproj/argocd:v2.11.9/helm/v3 /usr/local/bin/helm + Manifest file: quay.io/argoproj/argocd:v2.11.11/helm/v3 /usr/local/bin/helm
                    • Package Manager: golang @@ -1660,7 +1484,7 @@

                      MPL-2.0 license

                      • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argo-cd/v2 /usr/local/bin/argocd
                      • Package Manager: golang @@ -1720,7 +1544,7 @@

                        MPL-2.0 license

                        • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argo-cd/v2 /usr/local/bin/argocd
                        • Package Manager: golang @@ -1780,7 +1604,7 @@

                          CVE-2023-4039

                          • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
                          • Package Manager: ubuntu:22.04 @@ -1793,7 +1617,7 @@

                            CVE-2023-4039

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 + docker-image|quay.io/argoproj/argocd@v2.11.11 and gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04
                          @@ -1806,7 +1630,7 @@

                          Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 @@ -1815,7 +1639,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 apt@2.4.13 @@ -1826,7 +1650,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 apt@2.4.13 @@ -1839,7 +1663,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gcc-12/gcc-12-base@12.3.0-1ubuntu1~22.04 @@ -1848,7 +1672,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gcc-12/libgcc-s1@12.3.0-1ubuntu1~22.04 @@ -1905,7 +1729,7 @@

                            CVE-2023-7008

                            • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
                            • Package Manager: ubuntu:22.04 @@ -1918,7 +1742,7 @@

                              CVE-2023-7008

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and systemd/libsystemd0@249.11-0ubuntu3.12 + docker-image|quay.io/argoproj/argocd@v2.11.11 and systemd/libsystemd0@249.11-0ubuntu3.12
                            @@ -1931,7 +1755,7 @@

                            Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 systemd/libsystemd0@249.11-0ubuntu3.12 @@ -1940,7 +1764,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 apt@2.4.13 @@ -1951,7 +1775,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 procps/libprocps8@2:3.3.17-6ubuntu2.1 @@ -1962,7 +1786,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 util-linux@2.37.2-4ubuntu3.4 @@ -1973,7 +1797,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 util-linux/bsdutils@1:2.37.2-4ubuntu3.4 @@ -1984,7 +1808,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 apt@2.4.13 @@ -1997,7 +1821,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 systemd/libudev1@249.11-0ubuntu3.12 @@ -2006,7 +1830,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 libfido2/libfido2-1@1.10.0-1 @@ -2017,7 +1841,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 util-linux@2.37.2-4ubuntu3.4 @@ -2028,7 +1852,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 apt@2.4.13 @@ -2083,7 +1907,7 @@

                              Arbitrary Code Injection

                              • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
                              • Package Manager: ubuntu:22.04 @@ -2096,7 +1920,7 @@

                                Arbitrary Code Injection

                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and shadow/passwd@1:4.8.1-2ubuntu2.2 + docker-image|quay.io/argoproj/argocd@v2.11.11 and shadow/passwd@1:4.8.1-2ubuntu2.2
                              @@ -2109,7 +1933,7 @@

                              Detailed paths

                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 shadow/passwd@1:4.8.1-2ubuntu2.2 @@ -2118,7 +1942,7 @@

                                Detailed paths

                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -2129,7 +1953,7 @@

                                Detailed paths

                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 openssh/openssh-client@1:8.9p1-3ubuntu0.10 @@ -2140,7 +1964,7 @@

                                Detailed paths

                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 shadow/login@1:4.8.1-2ubuntu2.2 @@ -2187,7 +2011,7 @@

                                Uncontrolled Recursion

                                • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
                                • Package Manager: ubuntu:22.04 @@ -2200,7 +2024,7 @@

                                  Uncontrolled Recursion

                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1 + docker-image|quay.io/argoproj/argocd@v2.11.11 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1
                                @@ -2213,7 +2037,7 @@

                                Detailed paths

                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1 @@ -2222,7 +2046,7 @@

                                  Detailed paths

                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 grep@3.7-1build1 @@ -2275,7 +2099,7 @@

                                  Integer Overflow or Wraparound

                                  • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
                                  • Package Manager: ubuntu:22.04 @@ -2288,7 +2112,7 @@

                                    Integer Overflow or Wraparound

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and pcre2/libpcre2-8-0@10.39-3ubuntu0.1 + docker-image|quay.io/argoproj/argocd@v2.11.11 and pcre2/libpcre2-8-0@10.39-3ubuntu0.1
                                  @@ -2301,7 +2125,7 @@

                                  Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 pcre2/libpcre2-8-0@10.39-3ubuntu0.1 @@ -2346,7 +2170,7 @@

                                    Release of Invalid Pointer or Reference

                                    • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
                                    • Package Manager: ubuntu:22.04 @@ -2359,7 +2183,7 @@

                                      Release of Invalid Pointer or Reference

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and patch@2.7.6-7build2 + docker-image|quay.io/argoproj/argocd@v2.11.11 and patch@2.7.6-7build2
                                    @@ -2372,7 +2196,7 @@

                                    Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 patch@2.7.6-7build2 @@ -2416,7 +2240,7 @@

                                      Double Free

                                      • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
                                      • Package Manager: ubuntu:22.04 @@ -2429,7 +2253,7 @@

                                        Double Free

                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and patch@2.7.6-7build2 + docker-image|quay.io/argoproj/argocd@v2.11.11 and patch@2.7.6-7build2
                                      @@ -2442,7 +2266,7 @@

                                      Detailed paths

                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 patch@2.7.6-7build2 @@ -2478,6 +2302,182 @@

                                        References

                                        More about this vulnerability

    +
    +
    +

    CVE-2024-41996

    +
    + +
    + low severity +
    + +
    + +
      +
    • + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile +
      • +
    • + Package Manager: ubuntu:22.04 +
      • +
    • + Vulnerable module: + + openssl/libssl3 +
      • + +
    • Introduced through: + + docker-image|quay.io/argoproj/argocd@v2.11.11 and openssl/libssl3@3.0.2-0ubuntu1.18 + +
      • +
    + +
    + + +

    Detailed paths

    + +
      +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.11.11 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.11.11 + + cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.11.11 + + libfido2/libfido2-1@1.10.0-1 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.11.11 + + openssh/openssh-client@1:8.9p1-3ubuntu0.10 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.11.11 + + ca-certificates@20240203~22.04.1 + + openssl@3.0.2-0ubuntu1.18 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.11.11 + + git@1:2.34.1-1ubuntu1.11 + + curl/libcurl3-gnutls@7.81.0-1ubuntu1.18 + + libssh/libssh-4@0.9.6-2ubuntu0.22.04.3 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.11.11 + + adduser@3.118ubuntu5 + + shadow/passwd@1:4.8.1-2ubuntu2.2 + + pam/libpam-modules@1.4.0-11ubuntu2.4 + + libnsl/libnsl2@1.3.0-2build2 + + libtirpc/libtirpc3@1.3.2-2ubuntu0.1 + + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 + + krb5/libkrb5-3@1.19.2-2ubuntu0.4 + + openssl/libssl3@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.11.11 + + openssl@3.0.2-0ubuntu1.18 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.11.11 + + ca-certificates@20240203~22.04.1 + + openssl@3.0.2-0ubuntu1.18 + + + +
      • +
    + +
    + +
    + +

    NVD Description

    +

    Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. + See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

    +

    Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.

    +

    Remediation

    +

    There is no fixed version for Ubuntu:22.04 openssl.

    +

    References

    + + +
    + +
    +

    More about this vulnerability

    +
    +

    CVE-2023-50495

    @@ -2491,7 +2491,7 @@

    CVE-2023-50495

    • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
    • Package Manager: ubuntu:22.04 @@ -2504,7 +2504,7 @@

      CVE-2023-50495

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and ncurses/libtinfo6@6.3-2ubuntu0.1 + docker-image|quay.io/argoproj/argocd@v2.11.11 and ncurses/libtinfo6@6.3-2ubuntu0.1
    @@ -2517,7 +2517,7 @@

    Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/libtinfo6@6.3-2ubuntu0.1 @@ -2526,7 +2526,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 bash@5.1-6ubuntu1.1 @@ -2537,7 +2537,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/libncursesw6@6.3-2ubuntu0.1 @@ -2548,7 +2548,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 less@590-1ubuntu0.22.04.3 @@ -2559,7 +2559,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 libedit/libedit2@3.1-20210910-1build1 @@ -2570,7 +2570,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/libncurses6@6.3-2ubuntu0.1 @@ -2581,7 +2581,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/ncurses-bin@6.3-2ubuntu0.1 @@ -2592,7 +2592,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 procps@2:3.3.17-6ubuntu2.1 @@ -2603,7 +2603,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 util-linux@2.37.2-4ubuntu3.4 @@ -2614,7 +2614,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -2629,7 +2629,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2644,7 +2644,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/libncursesw6@6.3-2ubuntu0.1 @@ -2653,7 +2653,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 procps@2:3.3.17-6ubuntu2.1 @@ -2664,7 +2664,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2679,7 +2679,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/libncurses6@6.3-2ubuntu0.1 @@ -2688,7 +2688,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 procps@2:3.3.17-6ubuntu2.1 @@ -2699,7 +2699,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/ncurses-base@6.3-2ubuntu0.1 @@ -2708,7 +2708,7 @@

      Detailed paths

    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/ncurses-bin@6.3-2ubuntu0.1 @@ -2755,7 +2755,7 @@

      CVE-2023-45918

      • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
      • Package Manager: ubuntu:22.04 @@ -2768,7 +2768,7 @@

        CVE-2023-45918

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and ncurses/libtinfo6@6.3-2ubuntu0.1 + docker-image|quay.io/argoproj/argocd@v2.11.11 and ncurses/libtinfo6@6.3-2ubuntu0.1
      @@ -2781,7 +2781,7 @@

      Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/libtinfo6@6.3-2ubuntu0.1 @@ -2790,7 +2790,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 bash@5.1-6ubuntu1.1 @@ -2801,7 +2801,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/libncursesw6@6.3-2ubuntu0.1 @@ -2812,7 +2812,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 less@590-1ubuntu0.22.04.3 @@ -2823,7 +2823,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 libedit/libedit2@3.1-20210910-1build1 @@ -2834,7 +2834,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/libncurses6@6.3-2ubuntu0.1 @@ -2845,7 +2845,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/ncurses-bin@6.3-2ubuntu0.1 @@ -2856,7 +2856,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 procps@2:3.3.17-6ubuntu2.1 @@ -2867,7 +2867,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 util-linux@2.37.2-4ubuntu3.4 @@ -2878,7 +2878,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -2893,7 +2893,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2908,7 +2908,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/libncursesw6@6.3-2ubuntu0.1 @@ -2917,7 +2917,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 procps@2:3.3.17-6ubuntu2.1 @@ -2928,7 +2928,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2943,7 +2943,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/libncurses6@6.3-2ubuntu0.1 @@ -2952,7 +2952,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 procps@2:3.3.17-6ubuntu2.1 @@ -2963,7 +2963,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/ncurses-base@6.3-2ubuntu0.1 @@ -2972,7 +2972,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 ncurses/ncurses-bin@6.3-2ubuntu0.1 @@ -3017,7 +3017,7 @@

        Resource Exhaustion

        • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
        • Package Manager: ubuntu:22.04 @@ -3030,7 +3030,7 @@

          Resource Exhaustion

        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and libzstd/libzstd1@1.4.8+dfsg-3build1 + docker-image|quay.io/argoproj/argocd@v2.11.11 and libzstd/libzstd1@1.4.8+dfsg-3build1
        @@ -3043,7 +3043,7 @@

        Detailed paths

        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 libzstd/libzstd1@1.4.8+dfsg-3build1 @@ -3094,7 +3094,7 @@

          Integer Overflow or Wraparound

          • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
          • Package Manager: ubuntu:22.04 @@ -3107,7 +3107,7 @@

            Integer Overflow or Wraparound

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and krb5/libk5crypto3@1.19.2-2ubuntu0.4 + docker-image|quay.io/argoproj/argocd@v2.11.11 and krb5/libk5crypto3@1.19.2-2ubuntu0.4
          @@ -3120,7 +3120,7 @@

          Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libk5crypto3@1.19.2-2ubuntu0.4 @@ -3129,7 +3129,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -3150,7 +3150,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -3173,7 +3173,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libkrb5-3@1.19.2-2ubuntu0.4 @@ -3182,7 +3182,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -3203,7 +3203,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 @@ -3212,7 +3212,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 openssh/openssh-client@1:8.9p1-3ubuntu0.10 @@ -3223,7 +3223,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 git@1:2.34.1-1ubuntu1.11 @@ -3236,7 +3236,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 git@1:2.34.1-1ubuntu1.11 @@ -3251,7 +3251,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -3270,7 +3270,7 @@

            Detailed paths

          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libkrb5support0@1.19.2-2ubuntu0.4 @@ -3318,7 +3318,7 @@

            CVE-2024-26461

            • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
            • Package Manager: ubuntu:22.04 @@ -3331,7 +3331,7 @@

              CVE-2024-26461

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and krb5/libk5crypto3@1.19.2-2ubuntu0.4 + docker-image|quay.io/argoproj/argocd@v2.11.11 and krb5/libk5crypto3@1.19.2-2ubuntu0.4
            @@ -3344,7 +3344,7 @@

            Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libk5crypto3@1.19.2-2ubuntu0.4 @@ -3353,7 +3353,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -3374,7 +3374,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -3397,7 +3397,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libkrb5-3@1.19.2-2ubuntu0.4 @@ -3406,7 +3406,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -3427,7 +3427,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 @@ -3436,7 +3436,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 openssh/openssh-client@1:8.9p1-3ubuntu0.10 @@ -3447,7 +3447,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 git@1:2.34.1-1ubuntu1.11 @@ -3460,7 +3460,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 git@1:2.34.1-1ubuntu1.11 @@ -3475,7 +3475,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -3494,7 +3494,7 @@

              Detailed paths

            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libkrb5support0@1.19.2-2ubuntu0.4 @@ -3539,7 +3539,7 @@

              CVE-2024-26458

              • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
              • Package Manager: ubuntu:22.04 @@ -3552,7 +3552,7 @@

                CVE-2024-26458

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and krb5/libk5crypto3@1.19.2-2ubuntu0.4 + docker-image|quay.io/argoproj/argocd@v2.11.11 and krb5/libk5crypto3@1.19.2-2ubuntu0.4
              @@ -3565,7 +3565,7 @@

              Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libk5crypto3@1.19.2-2ubuntu0.4 @@ -3574,7 +3574,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -3595,7 +3595,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -3618,7 +3618,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libkrb5-3@1.19.2-2ubuntu0.4 @@ -3627,7 +3627,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -3648,7 +3648,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.4 @@ -3657,7 +3657,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 openssh/openssh-client@1:8.9p1-3ubuntu0.10 @@ -3668,7 +3668,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 git@1:2.34.1-1ubuntu1.11 @@ -3681,7 +3681,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 git@1:2.34.1-1ubuntu1.11 @@ -3696,7 +3696,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 adduser@3.118ubuntu5 @@ -3715,7 +3715,7 @@

                Detailed paths

              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 krb5/libkrb5support0@1.19.2-2ubuntu0.4 @@ -3760,7 +3760,7 @@

                Out-of-bounds Write

                • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
                • Package Manager: ubuntu:22.04 @@ -3773,7 +3773,7 @@

                  Out-of-bounds Write

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and gnupg2/gpgv@2.2.27-3ubuntu2.1 + docker-image|quay.io/argoproj/argocd@v2.11.11 and gnupg2/gpgv@2.2.27-3ubuntu2.1
                @@ -3786,7 +3786,7 @@

                Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gpgv@2.2.27-3ubuntu2.1 @@ -3795,7 +3795,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 apt@2.4.13 @@ -3806,7 +3806,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3817,7 +3817,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/dirmngr@2.2.27-3ubuntu2.1 @@ -3828,7 +3828,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -3839,7 +3839,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3852,7 +3852,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3865,7 +3865,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/dirmngr@2.2.27-3ubuntu2.1 @@ -3874,7 +3874,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3885,7 +3885,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3898,7 +3898,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg-l10n@2.2.27-3ubuntu2.1 @@ -3907,7 +3907,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3918,7 +3918,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg-utils@2.2.27-3ubuntu2.1 @@ -3927,7 +3927,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3938,7 +3938,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -3947,7 +3947,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3958,7 +3958,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3971,7 +3971,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -3984,7 +3984,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gpg-agent@2.2.27-3ubuntu2.1 @@ -3993,7 +3993,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4004,7 +4004,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4017,7 +4017,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4030,7 +4030,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 @@ -4039,7 +4039,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4050,7 +4050,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1 @@ -4059,7 +4059,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4070,7 +4070,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gpgsm@2.2.27-3ubuntu2.1 @@ -4079,7 +4079,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4090,7 +4090,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -4139,7 +4139,7 @@

                  Allocation of Resources Without Limits or Throttling

                • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
                • Package Manager: ubuntu:22.04 @@ -4152,7 +4152,7 @@

                  Allocation of Resources Without Limits or Throttling

                  Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and glibc/libc-bin@2.35-0ubuntu3.8 + docker-image|quay.io/argoproj/argocd@v2.11.11 and glibc/libc-bin@2.35-0ubuntu3.8
                @@ -4165,7 +4165,7 @@

                Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 glibc/libc-bin@2.35-0ubuntu3.8 @@ -4174,7 +4174,7 @@

                  Detailed paths

                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 glibc/libc6@2.35-0ubuntu3.8 @@ -4220,7 +4220,7 @@

                  Improper Input Validation

                  • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
                  • Package Manager: ubuntu:22.04 @@ -4234,7 +4234,7 @@

                    Improper Input Validation

                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9, git@1:2.34.1-1ubuntu1.11 and others + docker-image|quay.io/argoproj/argocd@v2.11.11, git@1:2.34.1-1ubuntu1.11 and others
                  @@ -4246,7 +4246,7 @@

                  Detailed paths

                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 git@1:2.34.1-1ubuntu1.11 @@ -4257,7 +4257,7 @@

                    Detailed paths

                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 git@1:2.34.1-1ubuntu1.11 @@ -4266,7 +4266,7 @@

                    Detailed paths

                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 git-lfs@3.0.2-1ubuntu0.2 @@ -4313,7 +4313,7 @@

                    Uncontrolled Recursion

                    • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
                    • Package Manager: ubuntu:22.04 @@ -4326,7 +4326,7 @@

                      Uncontrolled Recursion

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 + docker-image|quay.io/argoproj/argocd@v2.11.11 and gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04
                    @@ -4339,7 +4339,7 @@

                    Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 @@ -4348,7 +4348,7 @@

                      Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 apt@2.4.13 @@ -4359,7 +4359,7 @@

                      Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 apt@2.4.13 @@ -4372,7 +4372,7 @@

                      Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gcc-12/gcc-12-base@12.3.0-1ubuntu1~22.04 @@ -4381,7 +4381,7 @@

                      Detailed paths

                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 gcc-12/libgcc-s1@12.3.0-1ubuntu1~22.04 @@ -4428,7 +4428,7 @@

                      Improper Input Validation

                      • - Manifest file: quay.io/argoproj/argocd:v2.11.9/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.11.11/argoproj/argocd Dockerfile
                      • Package Manager: ubuntu:22.04 @@ -4441,7 +4441,7 @@

                        Improper Input Validation

                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 and coreutils@8.32-4.1ubuntu1.2 + docker-image|quay.io/argoproj/argocd@v2.11.11 and coreutils@8.32-4.1ubuntu1.2
                      @@ -4454,7 +4454,7 @@

                      Detailed paths

                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.11.9 + docker-image|quay.io/argoproj/argocd@v2.11.11 coreutils@8.32-4.1ubuntu1.2 diff --git a/docs/snyk/v2.11.9/redis_7.0.15-alpine.html b/docs/snyk/v2.11.11/redis_7.0.15-alpine.html similarity index 99% rename from docs/snyk/v2.11.9/redis_7.0.15-alpine.html rename to docs/snyk/v2.11.11/redis_7.0.15-alpine.html index 4b661b277c19e..aeeabead51808 100644 --- a/docs/snyk/v2.11.9/redis_7.0.15-alpine.html +++ b/docs/snyk/v2.11.11/redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:27:05 am (UTC+00:00)

                        +

                        October 20th 2024, 12:27:14 am (UTC+00:00)

                        Scanned the following paths: diff --git a/docs/snyk/v2.12.4/argocd-iac-install.html b/docs/snyk/v2.12.6/argocd-iac-install.html similarity index 99% rename from docs/snyk/v2.12.4/argocd-iac-install.html rename to docs/snyk/v2.12.6/argocd-iac-install.html index c39244ca8b7a4..1a87698d42bea 100644 --- a/docs/snyk/v2.12.4/argocd-iac-install.html +++ b/docs/snyk/v2.12.6/argocd-iac-install.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:26:09 am (UTC+00:00)

                        +

                        October 20th 2024, 12:26:19 am (UTC+00:00)

                        Scanned the following path: diff --git a/docs/snyk/v2.12.4/argocd-iac-namespace-install.html b/docs/snyk/v2.12.6/argocd-iac-namespace-install.html similarity index 99% rename from docs/snyk/v2.12.4/argocd-iac-namespace-install.html rename to docs/snyk/v2.12.6/argocd-iac-namespace-install.html index 774befa10c704..2d8cfade096c1 100644 --- a/docs/snyk/v2.12.4/argocd-iac-namespace-install.html +++ b/docs/snyk/v2.12.6/argocd-iac-namespace-install.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:26:18 am (UTC+00:00)

                        +

                        October 20th 2024, 12:26:27 am (UTC+00:00)

                        Scanned the following path: diff --git a/docs/snyk/v2.12.4/argocd-test.html b/docs/snyk/v2.12.6/argocd-test.html similarity index 99% rename from docs/snyk/v2.12.4/argocd-test.html rename to docs/snyk/v2.12.6/argocd-test.html index d3df2485df1f4..781aa130af42c 100644 --- a/docs/snyk/v2.12.4/argocd-test.html +++ b/docs/snyk/v2.12.6/argocd-test.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:24:12 am (UTC+00:00)

                        +

                        October 20th 2024, 12:24:23 am (UTC+00:00)

                        Scanned the following paths: diff --git a/docs/snyk/v2.11.9/ghcr.io_dexidp_dex_v2.38.0.html b/docs/snyk/v2.12.6/ghcr.io_dexidp_dex_v2.38.0.html similarity index 99% rename from docs/snyk/v2.11.9/ghcr.io_dexidp_dex_v2.38.0.html rename to docs/snyk/v2.12.6/ghcr.io_dexidp_dex_v2.38.0.html index b82db55c0793d..aa26d3bf39798 100644 --- a/docs/snyk/v2.11.9/ghcr.io_dexidp_dex_v2.38.0.html +++ b/docs/snyk/v2.12.6/ghcr.io_dexidp_dex_v2.38.0.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:26:38 am (UTC+00:00)

                        +

                        October 20th 2024, 12:24:32 am (UTC+00:00)

                        Scanned the following paths: diff --git a/docs/snyk/v2.12.4/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html b/docs/snyk/v2.12.6/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html similarity index 99% rename from docs/snyk/v2.12.4/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html rename to docs/snyk/v2.12.6/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html index 54c882d9147af..dbb261e924445 100644 --- a/docs/snyk/v2.12.4/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html +++ b/docs/snyk/v2.12.6/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:24:24 am (UTC+00:00)

                        +

                        October 20th 2024, 12:24:36 am (UTC+00:00)

                        Scanned the following path: diff --git a/docs/snyk/v2.13.0-rc3/public.ecr.aws_docker_library_redis_7.0.15-alpine.html b/docs/snyk/v2.12.6/public.ecr.aws_docker_library_redis_7.0.15-alpine.html similarity index 99% rename from docs/snyk/v2.13.0-rc3/public.ecr.aws_docker_library_redis_7.0.15-alpine.html rename to docs/snyk/v2.12.6/public.ecr.aws_docker_library_redis_7.0.15-alpine.html index 0f80ae5aaa060..acf9ff1603dd1 100644 --- a/docs/snyk/v2.13.0-rc3/public.ecr.aws_docker_library_redis_7.0.15-alpine.html +++ b/docs/snyk/v2.12.6/public.ecr.aws_docker_library_redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:21:51 am (UTC+00:00)

                        +

                        October 20th 2024, 12:24:40 am (UTC+00:00)

                        Scanned the following paths: diff --git a/docs/snyk/v2.12.4/quay.io_argoproj_argocd_v2.12.4.html b/docs/snyk/v2.12.6/quay.io_argoproj_argocd_v2.12.6.html similarity index 97% rename from docs/snyk/v2.12.4/quay.io_argoproj_argocd_v2.12.4.html rename to docs/snyk/v2.12.6/quay.io_argoproj_argocd_v2.12.6.html index 128ced691bd2d..79489bb32630e 100644 --- a/docs/snyk/v2.12.4/quay.io_argoproj_argocd_v2.12.4.html +++ b/docs/snyk/v2.12.6/quay.io_argoproj_argocd_v2.12.6.html @@ -456,16 +456,16 @@

                        Snyk test report

                        -

                        October 13th 2024, 12:24:44 am (UTC+00:00)

                        +

                        October 20th 2024, 12:24:57 am (UTC+00:00)

                        Scanned the following paths:
                          -
                        • quay.io/argoproj/argocd:v2.12.4/argoproj/argocd/Dockerfile (deb)
                          • -
                        • quay.io/argoproj/argocd:v2.12.4/argoproj/argo-cd/v2//usr/local/bin/argocd (gomodules)
                          • -
                        • quay.io/argoproj/argocd:v2.12.4//usr/local/bin/kustomize (gomodules)
                          • -
                        • quay.io/argoproj/argocd:v2.12.4/helm/v3//usr/local/bin/helm (gomodules)
                          • -
                        • quay.io/argoproj/argocd:v2.12.4/git-lfs/git-lfs//usr/bin/git-lfs (gomodules)
                          • +
                        • quay.io/argoproj/argocd:v2.12.6/argoproj/argocd/Dockerfile (deb)
                          • +
                        • quay.io/argoproj/argocd:v2.12.6/argoproj/argo-cd/v2//usr/local/bin/argocd (gomodules)
                          • +
                        • quay.io/argoproj/argocd:v2.12.6//usr/local/bin/kustomize (gomodules)
                          • +
                        • quay.io/argoproj/argocd:v2.12.6/helm/v3//usr/local/bin/helm (gomodules)
                          • +
                        • quay.io/argoproj/argocd:v2.12.6/git-lfs/git-lfs//usr/bin/git-lfs (gomodules)
                        @@ -480,204 +480,6 @@

                        Snyk test report

                        -
                        -

                        CVE-2024-41996

                        -
                        - -
                        - medium severity -
                        - -
                        - -
                          -
                        • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argocd Dockerfile -
                          • -
                        • - Package Manager: ubuntu:24.04 -
                          • -
                        • - Vulnerable module: - - openssl/libssl3t64 -
                          • - -
                        • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.12.4 and openssl/libssl3t64@3.0.13-0ubuntu3.4 - -
                          • -
                        - -
                        - - -

                        Detailed paths

                        - -
                          -
                        • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                          • -
                        • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 - - coreutils@9.4-3ubuntu6 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                          • -
                        • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 - - cyrus-sasl2/libsasl2-modules@2.1.28+dfsg1-5ubuntu3.1 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                          • -
                        • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 - - libfido2/libfido2-1@1.14.0-1build3 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                          • -
                        • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 - - openssh/openssh-client@1:9.6p1-3ubuntu13.5 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                          • -
                        • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 - - ca-certificates@20240203 - - openssl@3.0.13-0ubuntu3.4 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                          • -
                        • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 - - git@1:2.43.0-1ubuntu7.1 - - curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 - - libssh/libssh-4@0.10.6-2build2 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                          • -
                        • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 - - git@1:2.43.0-1ubuntu7.1 - - curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 - - krb5/libgssapi-krb5-2@1.20.1-6ubuntu2.1 - - krb5/libkrb5-3@1.20.1-6ubuntu2.1 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                          • -
                        • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 - - git@1:2.43.0-1ubuntu7.1 - - curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 - - openldap/libldap2@2.6.7+dfsg-1~exp1ubuntu8 - - cyrus-sasl2/libsasl2-2@2.1.28+dfsg1-5ubuntu3.1 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                          • -
                        • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 - - openssl@3.0.13-0ubuntu3.4 - - - -
                          • -
                        • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 - - ca-certificates@20240203 - - openssl@3.0.13-0ubuntu3.4 - - - -
                          • -
                        - -
                        - -
                        - -

                        NVD Description

                        -

                        Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. - See How to fix? for Ubuntu:24.04 relevant fixed versions and status.

                        -

                        Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.

                        -

                        Remediation

                        -

                        There is no fixed version for Ubuntu:24.04 openssl.

                        -

                        References

                        - - -
                        - -
                        -

                        More about this vulnerability

                        -
                        - -

                        Information Exposure

                        @@ -690,7 +492,7 @@

                        Information Exposure

                        • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argocd Dockerfile
                        • Package Manager: ubuntu:24.04 @@ -703,7 +505,7 @@

                          Information Exposure

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 and libgcrypt20@1.10.3-2build1 + docker-image|quay.io/argoproj/argocd@v2.12.6 and libgcrypt20@1.10.3-2build1
                        @@ -716,7 +518,7 @@

                        Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 libgcrypt20@1.10.3-2build1 @@ -725,7 +527,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 gnupg2/dirmngr@2.4.4-2ubuntu17 @@ -736,7 +538,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 gnupg2/gpg@2.4.4-2ubuntu17 @@ -747,7 +549,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 gnupg2/gpg-agent@2.4.4-2ubuntu17 @@ -758,7 +560,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 apt@2.7.14build2 @@ -771,7 +573,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 apt@2.7.14build2 @@ -784,7 +586,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 gnupg2/gpg@2.4.4-2ubuntu17 @@ -797,13 +599,13 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 apt@2.7.14build2 adduser@3.137ubuntu1 - shadow/passwd@1:4.13+dfsg1-4ubuntu3 + shadow/passwd@1:4.13+dfsg1-4ubuntu3.2 pam/libpam-modules@1.5.3-5ubuntu5.1 @@ -853,7 +655,7 @@

                          CVE-2024-26462

                          • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argocd Dockerfile
                          • Package Manager: ubuntu:24.04 @@ -867,7 +669,7 @@

                            CVE-2024-26462

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4, git@1:2.43.0-1ubuntu7.1 and others + docker-image|quay.io/argoproj/argocd@v2.12.6, git@1:2.43.0-1ubuntu7.1 and others
                          @@ -879,7 +681,7 @@

                          Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -894,7 +696,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -911,7 +713,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -926,7 +728,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -943,7 +745,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -962,7 +764,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -977,7 +779,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 openssh/openssh-client@1:9.6p1-3ubuntu13.5 @@ -988,7 +790,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -1001,7 +803,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -1016,7 +818,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 krb5/krb5-locales@1.20.1-6ubuntu2.1 @@ -1061,7 +863,7 @@

                            LGPL-3.0 license

                            • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argo-cd/v2 /usr/local/bin/argocd
                            • Package Manager: golang @@ -1121,7 +923,7 @@

                              Denial of Service (DoS)

                              • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argo-cd/v2 /usr/local/bin/argocd
                              • Package Manager: golang @@ -1231,7 +1033,7 @@

                                MPL-2.0 license

                                • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argo-cd/v2 /usr/local/bin/argocd
                                • Package Manager: golang @@ -1291,7 +1093,7 @@

                                  MPL-2.0 license

                                  • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argo-cd/v2 /usr/local/bin/argocd
                                  • Package Manager: golang @@ -1351,7 +1153,7 @@

                                    MPL-2.0 license

                                    • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argo-cd/v2 /usr/local/bin/argocd
                                    • Package Manager: golang @@ -1411,7 +1213,7 @@

                                      MPL-2.0 license

                                      • - Manifest file: quay.io/argoproj/argocd:v2.12.4/helm/v3 /usr/local/bin/helm + Manifest file: quay.io/argoproj/argocd:v2.12.6/helm/v3 /usr/local/bin/helm
                                      • Package Manager: golang @@ -1471,7 +1273,7 @@

                                        MPL-2.0 license

                                        • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argo-cd/v2 /usr/local/bin/argocd
                                        • Package Manager: golang @@ -1531,7 +1333,7 @@

                                          MPL-2.0 license

                                          • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argo-cd/v2 /usr/local/bin/argocd
                                          • Package Manager: golang @@ -1591,7 +1393,7 @@

                                            Release of Invalid Pointer or Reference

                                            • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argocd Dockerfile
                                            • Package Manager: ubuntu:24.04 @@ -1604,7 +1406,7 @@

                                              Release of Invalid Pointer or Reference

                                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 and patch@2.7.6-7build3 + docker-image|quay.io/argoproj/argocd@v2.12.6 and patch@2.7.6-7build3
                                            @@ -1617,7 +1419,7 @@

                                            Detailed paths

                                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 patch@2.7.6-7build3 @@ -1661,7 +1463,7 @@

                                              Double Free

                                              • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argocd Dockerfile
                                              • Package Manager: ubuntu:24.04 @@ -1674,7 +1476,7 @@

                                                Double Free

                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 and patch@2.7.6-7build3 + docker-image|quay.io/argoproj/argocd@v2.12.6 and patch@2.7.6-7build3
                                              @@ -1687,7 +1489,7 @@

                                              Detailed paths

                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 patch@2.7.6-7build3 @@ -1723,6 +1525,204 @@

                                                References

                                                More about this vulnerability

                        +
                        +
                        +

                        CVE-2024-41996

                        +
                        + +
                        + low severity +
                        + +
                        + +
                          +
                        • + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argocd Dockerfile +
                          • +
                        • + Package Manager: ubuntu:24.04 +
                          • +
                        • + Vulnerable module: + + openssl/libssl3t64 +
                          • + +
                        • Introduced through: + + docker-image|quay.io/argoproj/argocd@v2.12.6 and openssl/libssl3t64@3.0.13-0ubuntu3.4 + +
                          • +
                        + +
                        + + +

                        Detailed paths

                        + +
                          +
                        • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.12.6 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                          • +
                        • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.12.6 + + coreutils@9.4-3ubuntu6 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                          • +
                        • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.12.6 + + cyrus-sasl2/libsasl2-modules@2.1.28+dfsg1-5ubuntu3.1 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                          • +
                        • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.12.6 + + libfido2/libfido2-1@1.14.0-1build3 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                          • +
                        • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.12.6 + + openssh/openssh-client@1:9.6p1-3ubuntu13.5 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                          • +
                        • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.12.6 + + ca-certificates@20240203 + + openssl@3.0.13-0ubuntu3.4 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                          • +
                        • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.12.6 + + git@1:2.43.0-1ubuntu7.1 + + curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 + + libssh/libssh-4@0.10.6-2build2 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                          • +
                        • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.12.6 + + git@1:2.43.0-1ubuntu7.1 + + curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 + + krb5/libgssapi-krb5-2@1.20.1-6ubuntu2.1 + + krb5/libkrb5-3@1.20.1-6ubuntu2.1 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                          • +
                        • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.12.6 + + git@1:2.43.0-1ubuntu7.1 + + curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 + + openldap/libldap2@2.6.7+dfsg-1~exp1ubuntu8 + + cyrus-sasl2/libsasl2-2@2.1.28+dfsg1-5ubuntu3.1 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                          • +
                        • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.12.6 + + openssl@3.0.13-0ubuntu3.4 + + + +
                          • +
                        • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.12.6 + + ca-certificates@20240203 + + openssl@3.0.13-0ubuntu3.4 + + + +
                          • +
                        + +
                        + +
                        + +

                        NVD Description

                        +

                        Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. + See How to fix? for Ubuntu:24.04 relevant fixed versions and status.

                        +

                        Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.

                        +

                        Remediation

                        +

                        There is no fixed version for Ubuntu:24.04 openssl.

                        +

                        References

                        + + +
                        + +
                        +

                        More about this vulnerability

                        +
                        +

                        CVE-2024-26458

                        @@ -1736,7 +1736,7 @@

                        CVE-2024-26458

                        • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argocd Dockerfile
                        • Package Manager: ubuntu:24.04 @@ -1750,7 +1750,7 @@

                          CVE-2024-26458

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4, git@1:2.43.0-1ubuntu7.1 and others + docker-image|quay.io/argoproj/argocd@v2.12.6, git@1:2.43.0-1ubuntu7.1 and others
                        @@ -1762,7 +1762,7 @@

                        Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -1777,7 +1777,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -1794,7 +1794,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -1809,7 +1809,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -1826,7 +1826,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -1845,7 +1845,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -1860,7 +1860,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 openssh/openssh-client@1:9.6p1-3ubuntu13.5 @@ -1871,7 +1871,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -1884,7 +1884,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -1899,7 +1899,7 @@

                          Detailed paths

                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 krb5/krb5-locales@1.20.1-6ubuntu2.1 @@ -1944,7 +1944,7 @@

                          CVE-2024-26461

                          • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argocd Dockerfile
                          • Package Manager: ubuntu:24.04 @@ -1958,7 +1958,7 @@

                            CVE-2024-26461

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4, git@1:2.43.0-1ubuntu7.1 and others + docker-image|quay.io/argoproj/argocd@v2.12.6, git@1:2.43.0-1ubuntu7.1 and others
                          @@ -1970,7 +1970,7 @@

                          Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -1985,7 +1985,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -2002,7 +2002,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -2017,7 +2017,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -2034,7 +2034,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -2053,7 +2053,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -2068,7 +2068,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 openssh/openssh-client@1:9.6p1-3ubuntu13.5 @@ -2079,7 +2079,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -2092,7 +2092,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -2107,7 +2107,7 @@

                            Detailed paths

                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 krb5/krb5-locales@1.20.1-6ubuntu2.1 @@ -2152,7 +2152,7 @@

                            Out-of-bounds Write

                            • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argocd Dockerfile
                            • Package Manager: ubuntu:24.04 @@ -2165,7 +2165,7 @@

                              Out-of-bounds Write

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 and gnupg2/gpgv@2.4.4-2ubuntu17 + docker-image|quay.io/argoproj/argocd@v2.12.6 and gnupg2/gpgv@2.4.4-2ubuntu17
                            @@ -2178,7 +2178,7 @@

                            Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 gnupg2/gpgv@2.4.4-2ubuntu17 @@ -2187,7 +2187,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 apt@2.7.14build2 @@ -2198,7 +2198,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 gnupg2/dirmngr@2.4.4-2ubuntu17 @@ -2209,7 +2209,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 gnupg2/gpg-agent@2.4.4-2ubuntu17 @@ -2220,7 +2220,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 gnupg2/gpg@2.4.4-2ubuntu17 @@ -2231,7 +2231,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 gnupg2/dirmngr@2.4.4-2ubuntu17 @@ -2240,7 +2240,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 gnupg2/gpg@2.4.4-2ubuntu17 @@ -2249,7 +2249,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 gnupg2/gpg-agent@2.4.4-2ubuntu17 @@ -2298,7 +2298,7 @@

                              Allocation of Resources Without Limits or Throttling

                            • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argocd Dockerfile
                            • Package Manager: ubuntu:24.04 @@ -2311,7 +2311,7 @@

                              Allocation of Resources Without Limits or Throttling

                              Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 and glibc/libc-bin@2.39-0ubuntu8.3 + docker-image|quay.io/argoproj/argocd@v2.12.6 and glibc/libc-bin@2.39-0ubuntu8.3
                            @@ -2324,7 +2324,7 @@

                            Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 glibc/libc-bin@2.39-0ubuntu8.3 @@ -2333,7 +2333,7 @@

                              Detailed paths

                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 glibc/libc6@2.39-0ubuntu8.3 @@ -2379,7 +2379,7 @@

                              Improper Input Validation

                              • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argocd Dockerfile
                              • Package Manager: ubuntu:24.04 @@ -2393,7 +2393,7 @@

                                Improper Input Validation

                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4, git@1:2.43.0-1ubuntu7.1 and others + docker-image|quay.io/argoproj/argocd@v2.12.6, git@1:2.43.0-1ubuntu7.1 and others
                              @@ -2405,7 +2405,7 @@

                              Detailed paths

                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -2416,7 +2416,7 @@

                                Detailed paths

                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git@1:2.43.0-1ubuntu7.1 @@ -2425,7 +2425,7 @@

                                Detailed paths

                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 git-lfs@3.4.1-1ubuntu0.1 @@ -2472,7 +2472,7 @@

                                Improper Input Validation

                                • - Manifest file: quay.io/argoproj/argocd:v2.12.4/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.12.6/argoproj/argocd Dockerfile
                                • Package Manager: ubuntu:24.04 @@ -2485,7 +2485,7 @@

                                  Improper Input Validation

                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 and coreutils@9.4-3ubuntu6 + docker-image|quay.io/argoproj/argocd@v2.12.6 and coreutils@9.4-3ubuntu6
                                @@ -2498,7 +2498,7 @@

                                Detailed paths

                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.12.4 + docker-image|quay.io/argoproj/argocd@v2.12.6 coreutils@9.4-3ubuntu6 diff --git a/docs/snyk/v2.13.0-rc3/redis_7.0.15-alpine.html b/docs/snyk/v2.12.6/redis_7.0.15-alpine.html similarity index 99% rename from docs/snyk/v2.13.0-rc3/redis_7.0.15-alpine.html rename to docs/snyk/v2.12.6/redis_7.0.15-alpine.html index d95fc0071535c..cc11c50b004ba 100644 --- a/docs/snyk/v2.13.0-rc3/redis_7.0.15-alpine.html +++ b/docs/snyk/v2.12.6/redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

                                  Snyk test report

                                  -

                                  October 13th 2024, 12:22:12 am (UTC+00:00)

                                  +

                                  October 20th 2024, 12:25:00 am (UTC+00:00)

                                  Scanned the following paths: diff --git a/docs/snyk/v2.13.0-rc3/argocd-iac-install.html b/docs/snyk/v2.13.0-rc5/argocd-iac-install.html similarity index 99% rename from docs/snyk/v2.13.0-rc3/argocd-iac-install.html rename to docs/snyk/v2.13.0-rc5/argocd-iac-install.html index 12723ced1d9d4..a43a571bb1837 100644 --- a/docs/snyk/v2.13.0-rc3/argocd-iac-install.html +++ b/docs/snyk/v2.13.0-rc5/argocd-iac-install.html @@ -456,7 +456,7 @@

                                  Snyk test report

                                  -

                                  October 13th 2024, 12:23:37 am (UTC+00:00)

                                  +

                                  October 20th 2024, 12:23:58 am (UTC+00:00)

                                  Scanned the following path: diff --git a/docs/snyk/v2.13.0-rc3/argocd-iac-namespace-install.html b/docs/snyk/v2.13.0-rc5/argocd-iac-namespace-install.html similarity index 99% rename from docs/snyk/v2.13.0-rc3/argocd-iac-namespace-install.html rename to docs/snyk/v2.13.0-rc5/argocd-iac-namespace-install.html index ffdb94d2c6aa9..014f621028474 100644 --- a/docs/snyk/v2.13.0-rc3/argocd-iac-namespace-install.html +++ b/docs/snyk/v2.13.0-rc5/argocd-iac-namespace-install.html @@ -456,7 +456,7 @@

                                  Snyk test report

                                  -

                                  October 13th 2024, 12:23:46 am (UTC+00:00)

                                  +

                                  October 20th 2024, 12:24:07 am (UTC+00:00)

                                  Scanned the following path: diff --git a/docs/snyk/v2.13.0-rc3/argocd-test.html b/docs/snyk/v2.13.0-rc5/argocd-test.html similarity index 99% rename from docs/snyk/v2.13.0-rc3/argocd-test.html rename to docs/snyk/v2.13.0-rc5/argocd-test.html index 0a4e6d98854cb..41a205cf61fd9 100644 --- a/docs/snyk/v2.13.0-rc3/argocd-test.html +++ b/docs/snyk/v2.13.0-rc5/argocd-test.html @@ -456,7 +456,7 @@

                                  Snyk test report

                                  -

                                  October 13th 2024, 12:21:36 am (UTC+00:00)

                                  +

                                  October 20th 2024, 12:21:57 am (UTC+00:00)

                                  Scanned the following paths: diff --git a/docs/snyk/v2.13.0-rc3/ghcr.io_dexidp_dex_v2.41.1.html b/docs/snyk/v2.13.0-rc5/ghcr.io_dexidp_dex_v2.41.1.html similarity index 99% rename from docs/snyk/v2.13.0-rc3/ghcr.io_dexidp_dex_v2.41.1.html rename to docs/snyk/v2.13.0-rc5/ghcr.io_dexidp_dex_v2.41.1.html index b660068e17320..a73c82abee50b 100644 --- a/docs/snyk/v2.13.0-rc3/ghcr.io_dexidp_dex_v2.41.1.html +++ b/docs/snyk/v2.13.0-rc5/ghcr.io_dexidp_dex_v2.41.1.html @@ -456,7 +456,7 @@

                                  Snyk test report

                                  -

                                  October 13th 2024, 12:21:42 am (UTC+00:00)

                                  +

                                  October 20th 2024, 12:22:05 am (UTC+00:00)

                                  Scanned the following paths: diff --git a/docs/snyk/v2.13.0-rc3/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html b/docs/snyk/v2.13.0-rc5/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html similarity index 99% rename from docs/snyk/v2.13.0-rc3/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html rename to docs/snyk/v2.13.0-rc5/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html index 4cde86ba5d116..40fa4492069b9 100644 --- a/docs/snyk/v2.13.0-rc3/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html +++ b/docs/snyk/v2.13.0-rc5/public.ecr.aws_docker_library_haproxy_2.6.17-alpine.html @@ -456,7 +456,7 @@

                                  Snyk test report

                                  -

                                  October 13th 2024, 12:21:47 am (UTC+00:00)

                                  +

                                  October 20th 2024, 12:22:09 am (UTC+00:00)

                                  Scanned the following path: diff --git a/docs/snyk/v2.12.4/public.ecr.aws_docker_library_redis_7.0.15-alpine.html b/docs/snyk/v2.13.0-rc5/public.ecr.aws_docker_library_redis_7.0.15-alpine.html similarity index 99% rename from docs/snyk/v2.12.4/public.ecr.aws_docker_library_redis_7.0.15-alpine.html rename to docs/snyk/v2.13.0-rc5/public.ecr.aws_docker_library_redis_7.0.15-alpine.html index 7bac95be45815..8f850a0538694 100644 --- a/docs/snyk/v2.12.4/public.ecr.aws_docker_library_redis_7.0.15-alpine.html +++ b/docs/snyk/v2.13.0-rc5/public.ecr.aws_docker_library_redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

                                  Snyk test report

                                  -

                                  October 13th 2024, 12:24:28 am (UTC+00:00)

                                  +

                                  October 20th 2024, 12:22:13 am (UTC+00:00)

                                  Scanned the following paths: diff --git a/docs/snyk/v2.13.0-rc3/quay.io_argoproj_argocd_v2.13.0-rc3.html b/docs/snyk/v2.13.0-rc5/quay.io_argoproj_argocd_v2.13.0-rc5.html similarity index 96% rename from docs/snyk/v2.13.0-rc3/quay.io_argoproj_argocd_v2.13.0-rc3.html rename to docs/snyk/v2.13.0-rc5/quay.io_argoproj_argocd_v2.13.0-rc5.html index 955fea3a3f6c7..6efc063207b12 100644 --- a/docs/snyk/v2.13.0-rc3/quay.io_argoproj_argocd_v2.13.0-rc3.html +++ b/docs/snyk/v2.13.0-rc5/quay.io_argoproj_argocd_v2.13.0-rc5.html @@ -456,16 +456,16 @@

                                  Snyk test report

                                  -

                                  October 13th 2024, 12:22:08 am (UTC+00:00)

                                  +

                                  October 20th 2024, 12:22:29 am (UTC+00:00)

                                  Scanned the following paths:
                                    -
                                  • quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argocd/Dockerfile (deb)
                                    • -
                                  • quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argo-cd/v2//usr/local/bin/argocd (gomodules)
                                    • -
                                  • quay.io/argoproj/argocd:v2.13.0-rc3//usr/local/bin/kustomize (gomodules)
                                    • -
                                  • quay.io/argoproj/argocd:v2.13.0-rc3/helm/v3//usr/local/bin/helm (gomodules)
                                    • -
                                  • quay.io/argoproj/argocd:v2.13.0-rc3/git-lfs/git-lfs//usr/bin/git-lfs (gomodules)
                                    • +
                                  • quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argocd/Dockerfile (deb)
                                    • +
                                  • quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argo-cd/v2//usr/local/bin/argocd (gomodules)
                                    • +
                                  • quay.io/argoproj/argocd:v2.13.0-rc5//usr/local/bin/kustomize (gomodules)
                                    • +
                                  • quay.io/argoproj/argocd:v2.13.0-rc5/helm/v3//usr/local/bin/helm (gomodules)
                                    • +
                                  • quay.io/argoproj/argocd:v2.13.0-rc5/git-lfs/git-lfs//usr/bin/git-lfs (gomodules)
                                  @@ -480,204 +480,6 @@

                                  Snyk test report

                                  -
                                  -

                                  CVE-2024-41996

                                  -
                                  - -
                                  - medium severity -
                                  - -
                                  - -
                                    -
                                  • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argocd Dockerfile -
                                    • -
                                  • - Package Manager: ubuntu:24.04 -
                                    • -
                                  • - Vulnerable module: - - openssl/libssl3t64 -
                                    • - -
                                  • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 and openssl/libssl3t64@3.0.13-0ubuntu3.4 - -
                                    • -
                                  - -
                                  - - -

                                  Detailed paths

                                  - -
                                    -
                                  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                                    • -
                                  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 - - coreutils@9.4-3ubuntu6 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                                    • -
                                  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 - - cyrus-sasl2/libsasl2-modules@2.1.28+dfsg1-5ubuntu3.1 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                                    • -
                                  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 - - libfido2/libfido2-1@1.14.0-1build3 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                                    • -
                                  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 - - openssh/openssh-client@1:9.6p1-3ubuntu13.5 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                                    • -
                                  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 - - ca-certificates@20240203 - - openssl@3.0.13-0ubuntu3.4 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                                    • -
                                  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 - - git@1:2.43.0-1ubuntu7.1 - - curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 - - libssh/libssh-4@0.10.6-2build2 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                                    • -
                                  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 - - git@1:2.43.0-1ubuntu7.1 - - curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 - - krb5/libgssapi-krb5-2@1.20.1-6ubuntu2.1 - - krb5/libkrb5-3@1.20.1-6ubuntu2.1 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                                    • -
                                  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 - - git@1:2.43.0-1ubuntu7.1 - - curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 - - openldap/libldap2@2.6.7+dfsg-1~exp1ubuntu8 - - cyrus-sasl2/libsasl2-2@2.1.28+dfsg1-5ubuntu3.1 - - openssl/libssl3t64@3.0.13-0ubuntu3.4 - - - -
                                    • -
                                  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 - - openssl@3.0.13-0ubuntu3.4 - - - -
                                    • -
                                  • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 - - ca-certificates@20240203 - - openssl@3.0.13-0ubuntu3.4 - - - -
                                    • -
                                  - -
                                  - -
                                  - -

                                  NVD Description

                                  -

                                  Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. - See How to fix? for Ubuntu:24.04 relevant fixed versions and status.

                                  -

                                  Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.

                                  -

                                  Remediation

                                  -

                                  There is no fixed version for Ubuntu:24.04 openssl.

                                  -

                                  References

                                  - - -
                                  - -
                                  -

                                  More about this vulnerability

                                  -
                                  - -

                                  Information Exposure

                                  @@ -690,7 +492,7 @@

                                  Information Exposure

                                  • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argocd Dockerfile
                                  • Package Manager: ubuntu:24.04 @@ -703,7 +505,7 @@

                                    Information Exposure

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 and libgcrypt20@1.10.3-2build1 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 and libgcrypt20@1.10.3-2build1
                                  @@ -716,7 +518,7 @@

                                  Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 libgcrypt20@1.10.3-2build1 @@ -725,7 +527,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 gnupg2/dirmngr@2.4.4-2ubuntu17 @@ -736,7 +538,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 gnupg2/gpg@2.4.4-2ubuntu17 @@ -747,7 +549,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 gnupg2/gpg-agent@2.4.4-2ubuntu17 @@ -758,7 +560,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 apt@2.7.14build2 @@ -771,7 +573,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 apt@2.7.14build2 @@ -784,7 +586,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 gnupg2/gpg@2.4.4-2ubuntu17 @@ -797,13 +599,13 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 apt@2.7.14build2 adduser@3.137ubuntu1 - shadow/passwd@1:4.13+dfsg1-4ubuntu3 + shadow/passwd@1:4.13+dfsg1-4ubuntu3.2 pam/libpam-modules@1.5.3-5ubuntu5.1 @@ -853,7 +655,7 @@

                                    CVE-2024-26462

                                    • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argocd Dockerfile
                                    • Package Manager: ubuntu:24.04 @@ -867,7 +669,7 @@

                                      CVE-2024-26462

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3, git@1:2.43.0-1ubuntu7.1 and others + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5, git@1:2.43.0-1ubuntu7.1 and others
                                    @@ -879,7 +681,7 @@

                                    Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -894,7 +696,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -911,7 +713,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -926,7 +728,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -943,7 +745,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -962,7 +764,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -977,7 +779,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 openssh/openssh-client@1:9.6p1-3ubuntu13.5 @@ -988,7 +790,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1001,7 +803,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1016,7 +818,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 krb5/krb5-locales@1.20.1-6ubuntu2.1 @@ -1061,7 +863,7 @@

                                      LGPL-3.0 license

                                      • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argo-cd/v2 /usr/local/bin/argocd
                                      • Package Manager: golang @@ -1121,7 +923,7 @@

                                        MPL-2.0 license

                                        • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argo-cd/v2 /usr/local/bin/argocd
                                        • Package Manager: golang @@ -1181,7 +983,7 @@

                                          MPL-2.0 license

                                          • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argo-cd/v2 /usr/local/bin/argocd
                                          • Package Manager: golang @@ -1241,7 +1043,7 @@

                                            MPL-2.0 license

                                            • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argo-cd/v2 /usr/local/bin/argocd
                                            • Package Manager: golang @@ -1301,7 +1103,7 @@

                                              MPL-2.0 license

                                              • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/helm/v3 /usr/local/bin/helm + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/helm/v3 /usr/local/bin/helm
                                              • Package Manager: golang @@ -1361,7 +1163,7 @@

                                                MPL-2.0 license

                                                • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argo-cd/v2 /usr/local/bin/argocd
                                                • Package Manager: golang @@ -1421,7 +1223,7 @@

                                                  MPL-2.0 license

                                                  • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argo-cd/v2 /usr/local/bin/argocd + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argo-cd/v2 /usr/local/bin/argocd
                                                  • Package Manager: golang @@ -1481,7 +1283,7 @@

                                                    Release of Invalid Pointer or Reference

                                                    • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argocd Dockerfile
                                                    • Package Manager: ubuntu:24.04 @@ -1494,7 +1296,7 @@

                                                      Release of Invalid Pointer or Reference

                                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 and patch@2.7.6-7build3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 and patch@2.7.6-7build3
                                                    @@ -1507,7 +1309,7 @@

                                                    Detailed paths

                                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 patch@2.7.6-7build3 @@ -1551,7 +1353,7 @@

                                                      Double Free

                                                      • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argocd Dockerfile
                                                      • Package Manager: ubuntu:24.04 @@ -1564,7 +1366,7 @@

                                                        Double Free

                                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 and patch@2.7.6-7build3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 and patch@2.7.6-7build3
                                                      @@ -1577,7 +1379,7 @@

                                                      Detailed paths

                                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 patch@2.7.6-7build3 @@ -1613,6 +1415,204 @@

                                                        References

                                                        More about this vulnerability

                                  +
                                  +
                                  +

                                  CVE-2024-41996

                                  +
                                  + +
                                  + low severity +
                                  + +
                                  + +
                                    +
                                  • + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argocd Dockerfile +
                                    • +
                                  • + Package Manager: ubuntu:24.04 +
                                    • +
                                  • + Vulnerable module: + + openssl/libssl3t64 +
                                    • + +
                                  • Introduced through: + + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 and openssl/libssl3t64@3.0.13-0ubuntu3.4 + +
                                    • +
                                  + +
                                  + + +

                                  Detailed paths

                                  + +
                                    +
                                  • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                                    • +
                                  • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 + + coreutils@9.4-3ubuntu6 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                                    • +
                                  • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 + + cyrus-sasl2/libsasl2-modules@2.1.28+dfsg1-5ubuntu3.1 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                                    • +
                                  • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 + + libfido2/libfido2-1@1.14.0-1build3 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                                    • +
                                  • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 + + openssh/openssh-client@1:9.6p1-3ubuntu13.5 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                                    • +
                                  • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 + + ca-certificates@20240203 + + openssl@3.0.13-0ubuntu3.4 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                                    • +
                                  • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 + + git@1:2.43.0-1ubuntu7.1 + + curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 + + libssh/libssh-4@0.10.6-2build2 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                                    • +
                                  • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 + + git@1:2.43.0-1ubuntu7.1 + + curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 + + krb5/libgssapi-krb5-2@1.20.1-6ubuntu2.1 + + krb5/libkrb5-3@1.20.1-6ubuntu2.1 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                                    • +
                                  • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 + + git@1:2.43.0-1ubuntu7.1 + + curl/libcurl3t64-gnutls@8.5.0-2ubuntu10.4 + + openldap/libldap2@2.6.7+dfsg-1~exp1ubuntu8 + + cyrus-sasl2/libsasl2-2@2.1.28+dfsg1-5ubuntu3.1 + + openssl/libssl3t64@3.0.13-0ubuntu3.4 + + + +
                                    • +
                                  • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 + + openssl@3.0.13-0ubuntu3.4 + + + +
                                    • +
                                  • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 + + ca-certificates@20240203 + + openssl@3.0.13-0ubuntu3.4 + + + +
                                    • +
                                  + +
                                  + +
                                  + +

                                  NVD Description

                                  +

                                  Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. + See How to fix? for Ubuntu:24.04 relevant fixed versions and status.

                                  +

                                  Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.

                                  +

                                  Remediation

                                  +

                                  There is no fixed version for Ubuntu:24.04 openssl.

                                  +

                                  References

                                  + + +
                                  + +
                                  +

                                  More about this vulnerability

                                  +
                                  +

                                  CVE-2024-26458

                                  @@ -1626,7 +1626,7 @@

                                  CVE-2024-26458

                                  • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argocd Dockerfile
                                  • Package Manager: ubuntu:24.04 @@ -1640,7 +1640,7 @@

                                    CVE-2024-26458

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3, git@1:2.43.0-1ubuntu7.1 and others + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5, git@1:2.43.0-1ubuntu7.1 and others
                                  @@ -1652,7 +1652,7 @@

                                  Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1667,7 +1667,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1684,7 +1684,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1699,7 +1699,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1716,7 +1716,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1735,7 +1735,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1750,7 +1750,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 openssh/openssh-client@1:9.6p1-3ubuntu13.5 @@ -1761,7 +1761,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1774,7 +1774,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1789,7 +1789,7 @@

                                    Detailed paths

                                  • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 krb5/krb5-locales@1.20.1-6ubuntu2.1 @@ -1834,7 +1834,7 @@

                                    CVE-2024-26461

                                    • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argocd Dockerfile
                                    • Package Manager: ubuntu:24.04 @@ -1848,7 +1848,7 @@

                                      CVE-2024-26461

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3, git@1:2.43.0-1ubuntu7.1 and others + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5, git@1:2.43.0-1ubuntu7.1 and others
                                    @@ -1860,7 +1860,7 @@

                                    Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1875,7 +1875,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1892,7 +1892,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1907,7 +1907,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1924,7 +1924,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1943,7 +1943,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1958,7 +1958,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 openssh/openssh-client@1:9.6p1-3ubuntu13.5 @@ -1969,7 +1969,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1982,7 +1982,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -1997,7 +1997,7 @@

                                      Detailed paths

                                    • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 krb5/krb5-locales@1.20.1-6ubuntu2.1 @@ -2042,7 +2042,7 @@

                                      Out-of-bounds Write

                                      • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argocd Dockerfile
                                      • Package Manager: ubuntu:24.04 @@ -2055,7 +2055,7 @@

                                        Out-of-bounds Write

                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 and gnupg2/gpgv@2.4.4-2ubuntu17 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 and gnupg2/gpgv@2.4.4-2ubuntu17
                                      @@ -2068,7 +2068,7 @@

                                      Detailed paths

                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 gnupg2/gpgv@2.4.4-2ubuntu17 @@ -2077,7 +2077,7 @@

                                        Detailed paths

                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 apt@2.7.14build2 @@ -2088,7 +2088,7 @@

                                        Detailed paths

                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 gnupg2/dirmngr@2.4.4-2ubuntu17 @@ -2099,7 +2099,7 @@

                                        Detailed paths

                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 gnupg2/gpg-agent@2.4.4-2ubuntu17 @@ -2110,7 +2110,7 @@

                                        Detailed paths

                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 gnupg2/gpg@2.4.4-2ubuntu17 @@ -2121,7 +2121,7 @@

                                        Detailed paths

                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 gnupg2/dirmngr@2.4.4-2ubuntu17 @@ -2130,7 +2130,7 @@

                                        Detailed paths

                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 gnupg2/gpg@2.4.4-2ubuntu17 @@ -2139,7 +2139,7 @@

                                        Detailed paths

                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 gnupg2/gpg-agent@2.4.4-2ubuntu17 @@ -2188,7 +2188,7 @@

                                        Allocation of Resources Without Limits or Throttling

                                      • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argocd Dockerfile
                                      • Package Manager: ubuntu:24.04 @@ -2201,7 +2201,7 @@

                                        Allocation of Resources Without Limits or Throttling

                                        Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 and glibc/libc-bin@2.39-0ubuntu8.3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 and glibc/libc-bin@2.39-0ubuntu8.3
                                      @@ -2214,7 +2214,7 @@

                                      Detailed paths

                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 glibc/libc-bin@2.39-0ubuntu8.3 @@ -2223,7 +2223,7 @@

                                        Detailed paths

                                      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 glibc/libc6@2.39-0ubuntu8.3 @@ -2269,7 +2269,7 @@

                                        Improper Input Validation

                                        • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argocd Dockerfile
                                        • Package Manager: ubuntu:24.04 @@ -2283,7 +2283,7 @@

                                          Improper Input Validation

                                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3, git@1:2.43.0-1ubuntu7.1 and others + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5, git@1:2.43.0-1ubuntu7.1 and others
                                        @@ -2295,7 +2295,7 @@

                                        Detailed paths

                                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -2306,7 +2306,7 @@

                                          Detailed paths

                                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git@1:2.43.0-1ubuntu7.1 @@ -2315,7 +2315,7 @@

                                          Detailed paths

                                        • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 git-lfs@3.4.1-1ubuntu0.1 @@ -2362,7 +2362,7 @@

                                          Improper Input Validation

                                          • - Manifest file: quay.io/argoproj/argocd:v2.13.0-rc3/argoproj/argocd Dockerfile + Manifest file: quay.io/argoproj/argocd:v2.13.0-rc5/argoproj/argocd Dockerfile
                                          • Package Manager: ubuntu:24.04 @@ -2375,7 +2375,7 @@

                                            Improper Input Validation

                                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 and coreutils@9.4-3ubuntu6 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 and coreutils@9.4-3ubuntu6
                                          @@ -2388,7 +2388,7 @@

                                          Detailed paths

                                          • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.13.0-rc3 + docker-image|quay.io/argoproj/argocd@v2.13.0-rc5 coreutils@9.4-3ubuntu6 diff --git a/docs/snyk/v2.12.4/redis_7.0.15-alpine.html b/docs/snyk/v2.13.0-rc5/redis_7.0.15-alpine.html similarity index 99% rename from docs/snyk/v2.12.4/redis_7.0.15-alpine.html rename to docs/snyk/v2.13.0-rc5/redis_7.0.15-alpine.html index bb8b4448237b4..e10b139375b94 100644 --- a/docs/snyk/v2.12.4/redis_7.0.15-alpine.html +++ b/docs/snyk/v2.13.0-rc5/redis_7.0.15-alpine.html @@ -456,7 +456,7 @@

                                            Snyk test report

                                            -

                                            October 13th 2024, 12:24:48 am (UTC+00:00)

                                            +

                                            October 20th 2024, 12:22:33 am (UTC+00:00)

                                            Scanned the following paths: