gitops-operator icon indicating copy to clipboard operation
gitops-operator copied to clipboard

Published 20 hours ago verified publisher icon redhat-developer

CVE-2025-49844

Open arjunprasad2143 opened this issue 1 month ago • 1 comments

https://access.redhat.com/security/cve/cve-2025-49844

The gitops operator has a redis component which is vulnerable. Do you have plans to fix this as soon as possible?

arjunprasad2143 avatar Oct 24 '25 14:10 arjunprasad2143

Yes. We are working on a fix. The Redis instance used by Argo CD already has network policies and authentication enabled as per recommended mitigations, so the overall impact of this CVE should be minimal.

svghadi avatar Oct 28 '25 04:10 svghadi