Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: argo-workflows Clear
ID Title
CVE-2026-42295 Vulnerability in argo-workflows (CVE-2026-42295)
vulnerability in argo-workflows (CVE-2026-42295). Confidential information can be exposed externally. Mitigation: upgrade to `4.0.5` or later.
CVE-2026-42296 Authorization Flaw in argo-workflows (CVE-2026-42296)
vulnerability in argo-workflows (CVE-2026-42296). Confidential information can be exposed externally. Exploitable via ``podSpecPatch``. Mitigation: upgrade to `3.7.14, 4.0.5` or later.
CVE-2026-42297 Vulnerability in argo-workflows (CVE-2026-42297)
vulnerability in argo-workflows (CVE-2026-42297). Data can be tampered with by attackers. Exploitable via ``auth.CanI``. Mitigation: upgrade to `4.0.5` or later.
CVE-2026-42294 Vulnerability in argo-workflows (CVE-2026-42294)
vulnerability in argo-workflows (CVE-2026-42294). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/events/some-namespace`. Mitigation: upgrade to `3.7.14, 4.0.5` or later.
CVE-2026-42183 Vulnerability in argo-workflows (CVE-2026-42183)
vulnerability in argo-workflows (CVE-2026-42183). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/v1/workflows/target-ns`. Mitigation: upgrade to `4.0.5` or later.
CVE-2026-40886 Vulnerability in argoproj (CVE-2026-40886)
vulnerability in argoproj (CVE-2026-40886). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.0.5` or later.
CVE-2026-31892 Authorization Flaw in argoproj (CVE-2026-31892)
vulnerability in argoproj (CVE-2026-31892). Confidential information can be exposed externally. Mitigation: upgrade to `4.0.2` or later.
CVE-2026-28229 Authorization Flaw in github.com/argoproj/argo-workflows/v4 (CVE-2026-28229)
vulnerability in github.com/argoproj/argo-workflows/v4 (CVE-2026-28229). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.0.2` or later.
CVE-2026-23960 Cross-Site Scripting (XSS) in argoproj (CVE-2026-23960)
cross-site scripting in argoproj (CVE-2026-23960). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →