38 matches found
GO-2025-3996 argo-cd vulnerable unauthenticated DoS via malformed Gogs webhook payload in github.com/argoproj/argo-cd
EUVD-2021-10253
Malware in sbrugna...
EUVD-2021-13703
Malware in sbrugna...
EUVD-2022-6387
Malicious code in bioql PyPI...
EUVD-2022-5826
Malicious code in bioql PyPI...
EUVD-2023-2447
Malicious code in bioql PyPI...
EUVD-2022-1270
Malicious code in bioql PyPI...
EUVD-2022-1438
Malicious code in bioql PyPI...
EUVD-2025-0130
Malicious code in bioql PyPI...
EUVD-2024-2379
Malicious code in bioql PyPI...
EUVD-2023-2501
Malicious code in bioql PyPI...
EUVD-2022-2791
Malicious code in bioql PyPI...
EUVD-2024-0850
Malicious code in bioql PyPI...
SUSE CVE-2025-59537
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate client...
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Overview: Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the project details API endpoint. An attacker can access sensitive repository credentials by using API tokens with project-level or project get permissions,...
A vulnerability in Argo CD, the declarative GitOps delivery tool for Kubernetes, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability in Argo CD, the GitOps continuous delivery tool for Kubernetes, is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
SUSE CVE-2025-23216
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was discovered in Argo CD that exposed secret values in error messages and the diff view when an invalid Kubernetes Secret resource was synced from a repository. The vulnerability assumes the user has write...
Sensitive Information Disclosure
github.com/argoproj/argo-cd is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper handling of invalid Kubernetes Secret resources, allowing secret values to be exposed in error messages and the diff view. An attacker with write access to the repository can commit...
BIT-ARGO-CD-2025-23216 Argo CD does not scrub secret values from patch errors
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was discovered in Argo CD that exposed secret values in error messages and the diff view when an invalid Kubernetes Secret resource was synced from a repository. The vulnerability assumes the user has write...
CVE-2025-23216
A vulnerability was found in Argo CD where secret values can be exposed in error messages when an invalid Kubernetes Secret resource is synced from a repository. An attacker must have write access to the repository, and any user with read access can view the exposed data. Mitigation: Mitigation for...