23 matches found
GO-2026-5235 Argo vulnerable to exposure of artifact repository credentials in github.com/argoproj/argo-workflows
Argo vulnerable to exposure of artifact repository credentials in github.com/argoproj/argo-workflows...
GO-2025-4024 Argo Workflow may expose artifact repository credentials in github.com/argoproj/argo-workflows
Argo Workflow may expose artifact repository credentials in github.com/argoproj/argo-workflows...
BIT-ARGO-WORKFLOWS-2025-62157 Argo Workflows exposes artifact repository credentials in workflow-controller logs
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-controller pod logs. An attacker with permissio...
Argo Workflow may expose artifact repository credentials
Summary An attacker who has permissions to read logs from pods in a namespace with Argo Workflow can read workflow-controller logs and get credentials to the artifact repository. Details An attacker, by reading the logs of the workflow controller pod, can access the artifact repository, and steal...
GHSA-C2HV-4PFJ-MM2R Argo Workflow may expose artifact repository credentials
Summary An attacker who has permissions to read logs from pods in a namespace with Argo Workflow can read workflow-controller logs and get credentials to the artifact repository. Details An attacker, by reading the logs of the workflow controller pod, can access the artifact repository, and steal...
CVE-2025-62157 Argo Workflows exposes artifact repository credentials in workflow-controller logs
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-controller pod logs. An attacker with permissio...
EUVD-2022-3936
Malicious code in bioql PyPI...
JFrog Artifactory 输入验证错误漏洞
JFrog Artifactory is an open source, general-purpose Artifact repository manager from Israel's JFrog that supports clustered and high-availability Docker registries and provides an end-to-end solution for automating artifacts for tracking from development to production. JFrog Artifactory has an...
[SECURITY] Fedora 40 Update: xmvn-4.2.0-8.fc40
This package provides extensions for Apache Maven that can be used to manage system artifact repository and use it to resolve Maven artifacts in offline mode, as well as Maven plugins to help with creating RPM packages containing Maven artifacts...
Stored XSS vulnerability in Jenkins Artifact Repository Parameter Plugin
Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. Jenkins Artifact Repository Parameter Plugin 1.0.1 escapes...
GHSA-GC87-QWMV-7X9X Stored XSS vulnerability in Jenkins Artifact Repository Parameter Plugin
Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. Jenkins Artifact Repository Parameter Plugin 1.0.1 escapes...
JFrog Artifactory 安全漏洞
Jfrog JFrog Artifactory is an open source, general-purpose Artifact repository manager from Israel's Jfrog that supports clustering and high-availability Docker registries, and provides an end-to-end solution for tracking artifact automation from development to production. A security vulnerabilit...
Jenkins Artifact Repository Parameter Plugin Cross-Site Scripting (CVE-2021-21622)
A stored cross-site scripting vulnerability exists in Jenkins Artifact Repository Parameter plugin. This vulnerability is due to insufficient validation of the name and description parameters in the ArtifactRepoParamDefinition class...
CloudBees Jenkins Artifact Repository Parameter Plugin Cross-Site Scripting Vulnerability
Jenkins Artifact Repository Parameter is a Jenkins open source application plugin . Provides to make the artifact repository of certain information can be used as Jenkins build parameters. A cross-site script execution vulnerability exists in Jenkins Artifact Repository Parameter Plugin 1.0.0 and...
CVE-2021-21622
Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2021-21622
Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
Cross site scripting
Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2021-21622
Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2021-21622
CVE-2021-21622 affects Jenkins Artifact Repository Parameter Plugin (versions
Jenkins Artifact Repository Parameter 跨站脚本漏洞
Jenkins Artifact Repository Parameter is a Jenkins open source application plugin . Provides to make the artifact repository of certain information can be used as Jenkins build parameters. A cross-site script execution vulnerability exists in Jenkins Artifact Repository Parameter Plugin 1.0.0 and...