Runatlantis Atlantis

3 CVEs affecting Runatlantis Atlantis. Latest disclosed: 2025-09-06. Critical: 1, High: 2.

Top CVEs affecting Runatlantis Atlantis
CVESeverityScorePublishedSummary
CVE-2024-52009Critical9.82024-11-08Atlantis is a self-hosted golang application that listens for Terraform pull request events via webhooks. Atlantis logs contains GitHub credentials (tokens `gh…
CVE-2025-58445High7.52025-09-06Atlantis is a self-hosted golang application that listens for Terraform pull request events via webhooks. All versions of Atlantis publicly expose detailed ver…
CVE-2022-24912High7.52022-07-29The package github.com/runatlantis/atlantis/server/controllers/events before 0.19.7 are vulnerable to Timing Attack in the webhook event validator code, which…