4 matches found
CVE-2025-59538 vulnerabilities
Vulnerabilities for packages: argo-cd-fips, argo-cd...
CLEANSTART-2026-XE70400 Security fixes for CVE-2025-55190, CVE-2025-55191, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-59537, CVE-2025-59538, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61732, CVE-2025-68121, CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, ghsa-2v5j-vhc3-9cwm, ghsa-2vgg-9h3w-qbr4, ghsa-2xsj-vh29-9cwm, ghsa-37cx-329c-33x3, ghsa-3wgm-2mw2-vh5m, ghsa-4x4m-3c2p-qppc, ghsa-6v2p-p543-phr9, ghsa-92cp-5422-2m47, ghsa-93mq-9ffx-83m2, ghsa-f6x5-jh6r-wrfv, ghsa-hj2p-8wj8-pfq4, ghsa-j5w8-q4qc-rx2x, ghsa-mh63-6h87-95cp, ghsa-mw99-9chc-xw7r applied in versions: 2.13.9-r0, 2.14.20-r0, 3.0.16-r0, 3.0.19-r0, 3.1.12-r0, 3.1.12-r1, 3.1.4-r0, 3.1.8.-r0, 3.1.9-r4, 3.2.7-r0
Multiple security vulnerabilities affect the argo-cd-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2025-59538
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoi...
CVE-2025-59538
creationtimestamp| type| source ---|---|--- 2025-09-30 16:58:36+00:00| published-proof-of-concept| https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv 2025-10-02 06:21:21+00:00| seen| https://gist.github.com/Darkcrai86/3973f74f28664eb97b63d656a1257076...