pkg:Go/github.com/akuity/kargo
共 8 筆 CVE
✅ 檢查你的版本
所有已知漏洞
- —CVE-2026-32828Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration>= 1.4.0, < 1.6.4
- —CVE-2026-32828Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration>= 1.4.0, < 1.6.4, >= 1.7.0-rc.1, < 1.7.9, >= 1.8.0-rc.1, < 1.8.12, >= 1.9.0-rc.1, < 1.9.5
- —CVE-2026-27112Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints>= 1.7.0, < 1.7.8, >= 1.8.0-rc.1, < 1.8.11, >= 1.9.0-rc.1, < 1.9.3
- —CVE-2026-27112Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints>= 1.9.0-rc.1, < 1.9.3
- —CVE-2026-27111Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints>= 1.9.0, < 1.9.3
- —CVE-2026-27111Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints>= 1.9.0, < 1.9.3
- —CVE-2026-24748Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargofrom 0, < 1.6.3, >= 1.7.0-rc.1, < 1.7.7, >= 1.8.0-rc.1, < 1.8.7
- —CVE-2026-24748Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargofrom 0, < 1.6.3