446 matches found
CVE-2026-54526
Argo Workflows CVE-2026-54526 affects workflows prior to 3.7.15 and 4.0.6 where the allow-list fix for CVE-2026-31892 is incomplete. The flaw stems from ValidateUserOverrides and SanitizeUserWorkflowSpec only inspecting top-level WorkflowSpec fields, leaving WorkflowSpec.ArtifactGC’s underlying W...
GHSA-XCGV-8MV7-V8C7 vulnerabilities
Vulnerabilities for packages: redka, docker-cli-buildx-fips, reports-server, src, pinact, rekor, cilium-cli, elastic-agent, buildkite-agent-fips, frankenphp-8.4, tekton-pipelines-fips, mattermost, argo-cd-fips, docker, istio, prometheus, vault-secrets-operator, zarf-fips, buildkitd,...
GHSA-79CF-XCQC-C78W vulnerabilities
Vulnerabilities for packages: kubeflow-katib, argo-workflows...
CVE-2026-6402 vulnerabilities
Vulnerabilities for packages: kubeflow-katib, argo-workflows...
CVE-2026-42295 vulnerabilities
Vulnerabilities for packages: argo-workflows, kubeflow-pipelines...
GHSA-P4GQ-3VXJ-F4JQ vulnerabilities
Vulnerabilities for packages: argo-workflows, kubeflow-pipelines...
GHSA-XCHC-CQWG-G76Q vulnerabilities
Vulnerabilities for packages: argo-workflows, kubeflow-pipelines...
GHSA-7VF8-2CR6-54MF vulnerabilities
Vulnerabilities for packages: argo-workflows, kubeflow-pipelines...
CVE-2026-42183 vulnerabilities
Vulnerabilities for packages: argo-workflows, kubeflow-pipelines...
CVE-2026-42297 vulnerabilities
Vulnerabilities for packages: argo-workflows, kubeflow-pipelines...
GHSA-7VF8-2CR6-54MF vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-driver-fips, kubeflow-pipelines-fips, argo-workflows, kubeflow-pipelines, argo-workflows-fips...
GHSA-XCHC-CQWG-G76Q vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-driver-fips, kubeflow-pipelines-fips, argo-workflows, kubeflow-pipelines, argo-workflows-fips...
CVE-2026-42297 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-driver-fips, kubeflow-pipelines-fips, argo-workflows, kubeflow-pipelines, argo-workflows-fips...
GHSA-P4GQ-3VXJ-F4JQ vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-driver-fips, kubeflow-pipelines-fips, argo-workflows, kubeflow-pipelines, argo-workflows-fips...
CVE-2026-42183 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-driver-fips, kubeflow-pipelines-fips, argo-workflows, kubeflow-pipelines, argo-workflows-fips...
CVE-2026-42295 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-driver-fips, kubeflow-pipelines-fips, argo-workflows, kubeflow-pipelines, argo-workflows-fips...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: drone, reports-server, skaffold-fips, argocd-image-updater-fips, cilium-cli, commercial-grafana, frankenphp-8.4, tekton-pipelines-fips, mattermost, argo-cd-fips, istio, prometheus, zarf-fips, flux-source-controller, traefik, opentofu-fips, knative-serving,...
GO-2026-5751 Argo has Missing Authorization in its Sync ConfigMap Provider in github.com/argoproj/argo-workflows
Argo has Missing Authorization in its Sync ConfigMap Provider in github.com/argoproj/argo-workflows...
GO-2026-5527 Argo Affected by SSO RBAC Delegation Nil Pointer Dereference DoS (gatekeeper.go) in github.com/argoproj/argo-workflows
Argo Affected by SSO RBAC Delegation Nil Pointer Dereference DoS gatekeeper.go in github.com/argoproj/argo-workflows...
GO-2026-5462 Argo Vulnerable to Unauthenticated Memory Exhaustion (DoS) in Webhook Interceptor in github.com/argoproj/argo-workflows
Argo Vulnerable to Unauthenticated Memory Exhaustion DoS in Webhook Interceptor in github.com/argoproj/argo-workflows...