Filter
AND

Linuxfoundation Argo-cdArgo CD will blindly trust JWT claims if anonymous access is enabled

First published (updated )

Linuxfoundation Argo-cdImproper access control allows admin privilege escalation in Argo CD

First published (updated )

Linuxfoundation Argo-cdArgo CD's certificate verification is skipped for connections to OIDC providers

First published (updated )

Linuxfoundation Argo-cdArgo CD users with any cluster secret update access may update out-of-bounds cluster secrets

First published (updated )

Linuxfoundation Argo-cdJWT audience claim is not verified

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Linuxfoundation Argo-cdExternal URLs for Deployments can include javascript in argo-cd

First published (updated )

Linuxfoundation Argo-cdAll unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control …

First published (updated )

Linuxfoundation Argo-cdargo-cd Controller reconciles apps outside configured namespaces when sharding is enabled

8.6
First published (updated )

go/github.com/argoproj/argo-cd/v2Cross-Site Request Forgery (CSRF) in github.com/argoproj/argo-cd

8.4
EPSS
0.05%
First published (updated )

go/github.com/argoproj/argo-cd/v2Insecure entropy in argo-cd

8.3
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Linuxfoundation Argo-cdPath Traversal, Infoleak

7.7
First published (updated )

Linuxfoundation Argo-cdPath traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server

7.7
First published (updated )

Linuxfoundation Argo-cdInfoleak

7.5
First published (updated )

go/github.com/argoproj/argo-cdArgo CD web terminal session doesn't expire

7.1
First published (updated )

Linuxfoundation Argo-cdPath traversal allows leaking out-of-bound files from Argo CD repo-server

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Linuxfoundation Argo-cdAny unprivileged user is able to deploy argocd in his namespace and with the created ServiceAccount …

First published (updated )

go/github.com/argoproj/argo-cd/v2Argo CD vulnerable to Uncontrolled Memory Consumption

First published (updated )

Linuxfoundation Argo-cdXSS

First published (updated )

Linuxfoundation Argo-cdCross-site Scripting for Argo CD single sign on users

First published (updated )

Linuxfoundation Argo-cdPath traversal allows leaking out-of-bound Helm charts from Argo CD repo-server

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Linuxfoundation Argo-cdSymlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server

First published (updated )

Linuxfoundation Argo-cdArgo CD login screen allows message spoofing if SSO is enabled

First published (updated )

Linuxfoundation Argo-cdSymlink following allows leaking out-of-bounds YAML files from Argo CD repo-server

First published (updated )

Linuxfoundation Argo-cdAn access control issue in Argo CD v2.4.12 and below allows unauthenticated attackers to enumerate e…

First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203