DirectorySecurity AdvisoriesPricing
/
Sign in
Security Advisories

CVE-2025-58445

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-58445

Severity

Unknown
Eliminate CVEs with Chainguard hardened images

Build, ship, and run secure software with minimal, hardened container images — rebuilt from source daily and guarded under our industry-leading remediation SLA.

Start for free

Summary

Atlantis Exposes Service Version Publicly on /status API Endpoint

Description

Atlantis is a self-hosted golang application that listens for Terraform pull request events via webhooks. All versions of Atlantis publicly expose detailed version information through its /status endpoint. This information disclosure could allow attackers to identify and target known vulnerabilities associated with the specific versions, potentially compromising the service's security posture. This issue does not currently have a fix.

References

  • https://nvd.nist.gov/vuln/detail/CVE-2025-58445

Affected packages


The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing