Lucene search
K

23 matches found

OSV
OSV
added 2026/06/25 6:43 p.m.4 views

GO-2026-5235 Argo vulnerable to exposure of artifact repository credentials in github.com/argoproj/argo-workflows

Argo vulnerable to exposure of artifact repository credentials in github.com/argoproj/argo-workflows...

8.5CVSS5.8AI score0.00357EPSS
Exploits1References6
OSV
OSV
added 2025/11/05 6:41 p.m.3 views

GO-2025-4024 Argo Workflow may expose artifact repository credentials in github.com/argoproj/argo-workflows

Argo Workflow may expose artifact repository credentials in github.com/argoproj/argo-workflows...

8.5CVSS7AI score0.00441EPSS
Exploits0References4
OSV
OSV
added 2025/10/17 8:39 p.m.12 views

BIT-ARGO-WORKFLOWS-2025-62157 Argo Workflows exposes artifact repository credentials in workflow-controller logs

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-controller pod logs. An attacker with permissio...

8.5CVSS6.7AI score0.00441EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/10/14 6:43 p.m.13 views

Argo Workflow may expose artifact repository credentials

Summary An attacker who has permissions to read logs from pods in a namespace with Argo Workflow can read workflow-controller logs and get credentials to the artifact repository. Details An attacker, by reading the logs of the workflow controller pod, can access the artifact repository, and steal...

8.5CVSS6.8AI score0.00441EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/10/14 6:43 p.m.4 views

GHSA-C2HV-4PFJ-MM2R Argo Workflow may expose artifact repository credentials

Summary An attacker who has permissions to read logs from pods in a namespace with Argo Workflow can read workflow-controller logs and get credentials to the artifact repository. Details An attacker, by reading the logs of the workflow controller pod, can access the artifact repository, and steal...

8.5CVSS6.4AI score0.00441EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/10/14 3:6 p.m.9 views

CVE-2025-62157 Argo Workflows exposes artifact repository credentials in workflow-controller logs

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-controller pod logs. An attacker with permissio...

8.5CVSS0.00441EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-3936

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.09387EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/01 12:0 a.m.4 views

JFrog Artifactory 输入验证错误漏洞

JFrog Artifactory is an open source, general-purpose Artifact repository manager from Israel's JFrog that supports clustered and high-availability Docker registries and provides an end-to-end solution for automating artifacts for tracking from development to production. JFrog Artifactory has an...

9CVSS6.7AI score0.00668EPSS
Exploits0References2
Fedora
Fedora
added 2024/03/07 10:33 p.m.23 views

[SECURITY] Fedora 40 Update: xmvn-4.2.0-8.fc40

This package provides extensions for Apache Maven that can be used to manage system artifact repository and use it to resolve Maven artifacts in offline mode, as well as Maven plugins to help with creating RPM packages containing Maven artifacts...

8.8CVSS6.8AI score0.02557EPSS
Exploits3
Github Security Blog
Github Security Blog
added 2022/05/24 5:43 p.m.24 views

Stored XSS vulnerability in Jenkins Artifact Repository Parameter Plugin

Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. Jenkins Artifact Repository Parameter Plugin 1.0.1 escapes...

5.4CVSS5.3AI score0.09387EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/24 5:43 p.m.21 views

GHSA-GC87-QWMV-7X9X Stored XSS vulnerability in Jenkins Artifact Repository Parameter Plugin

Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. Jenkins Artifact Repository Parameter Plugin 1.0.1 escapes...

5.4CVSS5.4AI score0.09387EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/05/23 12:0 a.m.2 views

JFrog Artifactory 安全漏洞

Jfrog JFrog Artifactory is an open source, general-purpose Artifact repository manager from Israel's Jfrog that supports clustering and high-availability Docker registries, and provides an end-to-end solution for tracking artifact automation from development to production. A security vulnerabilit...

6.5CVSS6.5AI score0.00527EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2021/05/18 12:0 a.m.5 views

Jenkins Artifact Repository Parameter Plugin Cross-Site Scripting (CVE-2021-21622)

A stored cross-site scripting vulnerability exists in Jenkins Artifact Repository Parameter plugin. This vulnerability is due to insufficient validation of the name and description parameters in the ArtifactRepoParamDefinition class...

3.5CVSS5.4AI score0.09387EPSS
Exploits0
CNVD
CNVD
added 2021/02/26 12:0 a.m.6 views

CloudBees Jenkins Artifact Repository Parameter Plugin Cross-Site Scripting Vulnerability

Jenkins Artifact Repository Parameter is a Jenkins open source application plugin . Provides to make the artifact repository of certain information can be used as Jenkins build parameters. A cross-site script execution vulnerability exists in Jenkins Artifact Repository Parameter Plugin 1.0.0 and...

5.4CVSS5.7AI score0.09387EPSS
Exploits0References1
NVD
NVD
added 2021/02/24 4:15 p.m.25 views

CVE-2021-21622

Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

5.4CVSS0.09387EPSS
Exploits0References1
OSV
OSV
added 2021/02/24 4:15 p.m.19 views

CVE-2021-21622

Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

5.4CVSS5.4AI score
Exploits0References1
Prion
Prion
added 2021/02/24 4:15 p.m.17 views

Cross site scripting

Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

3.5CVSS5.2AI score0.09387EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/02/24 3:5 p.m.27 views

CVE-2021-21622

Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

5.7AI score0.09387EPSS
Exploits0References1
CVE
CVE
added 2021/02/24 3:5 p.m.94 views

CVE-2021-21622

CVE-2021-21622 affects Jenkins Artifact Repository Parameter Plugin (versions

5.4CVSS5.3AI score0.09387EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/02/24 12:0 a.m.10 views

Jenkins Artifact Repository Parameter 跨站脚本漏洞

Jenkins Artifact Repository Parameter is a Jenkins open source application plugin . Provides to make the artifact repository of certain information can be used as Jenkins build parameters. A cross-site script execution vulnerability exists in Jenkins Artifact Repository Parameter Plugin 1.0.0 and...

5.4CVSS6AI score0.09387EPSS
Exploits0References3
Rows per page
Query Builder