Bug: Security vulnerabilities in devtron #6796

@012git012

📜 Description

Hello!

Our team would like to inform you that security vulnerabilities were discovered in devtron. We submitted reports to you on August 1 (https://github.com/devtron-labs/devtron/security/advisories/new), but it's almost a month with no response.

Please be informed that our team plans to release technical research, which will include details of the discovered vulnerabilities.

Please note, according to our policy, we reserve the right to publicly disclose our findings, if we do not receive a response from you within 90 days.
Planned disclosure date: October 30, 2025.

We kindly ask you to review our request and get back to us as soon as possible.

Look forward to hearing from you.

👟 Reproduction steps

👍 Expected behavior

👎 Actual Behavior

☸ Kubernetes version

Cloud provider

🌍 Browser

Chrome

🧱 Your Environment

No response

✅ Proposed Solution

No response

👀 Have you spent some time to check if this issue has been raised before?

  • I checked and didn't find any similar issue

🏢 Have you read the Code of Conduct?

Metadata

Labels

  • bug: Something isn't working
  • needs-triage: Issue is not approved or ready-to-work on
  • security: Security issues identified
