6 matches found
CVE-2025-32445 vulnerabilities
Vulnerabilities for packages: argo-events-fips...
CVE-2025-32445
Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. The EventSource and Sensor...
CVE-2025-32445 Users can gain privileged access to the host system and cluster with EventSource and Sensor CR
Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. The EventSource and Sensor...
CVE-2025-32445 Users can gain privileged access to the host system and cluster with EventSource and Sensor CR
Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. The EventSource and Sensor...
CVE-2025-32445
CVE-2025-32445 is tied to Argo Events. A user with permission to create/modify EventSource and Sensor CRs can cause the orchestrated pod to run with elevated/privileged capabilities by manipulating fields in spec.template and spec.template.container (including command, args, securityContext, volu...
CVE-2025-32445
creationtimestamp| type| source ---|---|--- 2025-04-13 19:24:37+00:00| published-proof-of-concept| https://github.com/argoproj/argo-events/security/advisories/GHSA-hmp7-x699-cvhq 2025-04-15 20:06:15+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114343777087123748 2025-04-15...