3 matches found
CVE-2026-42297 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, argo-workflows, kubeflow-pipelines-driver-fips, kubeflow-pipelines-fips, argo-workflows-fips...
CVE-2026-42297
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to before version 4.0.5, the Sync Service's ConfigMap-backed provider server/sync/synccm.go performs zero authorization checks on all CRUD operations create, read,...
CVE-2026-42297
creationtimestamp| type| source ---|---|--- 2026-04-23 08:17:40+00:00| published-proof-of-concept| https://github.com/argoproj/argo-workflows/security/advisories/GHSA-xchc-cqwg-g76q 2026-05-09 05:31:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlfjekms5m2i...