598 matches found
BIT-ARGO-WORKFLOWS-2026-40886 Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows controller
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an unchecked array index in the pod informer's podGCFromPod function causes a controller-wide panic when a workflow pod carries a malformed...
GHSA-5JV8-H7QH-RF5P Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows Controller
Summary An unchecked array index in the pod informer's podGCFromPod function causes a controller-wide panic when a workflow pod carries a malformed workflows.argoproj.io/pod-gc-strategy annotation. Because the panic occurs inside an informer goroutine outside the controller's recover scope, it...
Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows Controller
Summary An unchecked array index in the pod informer's podGCFromPod function causes a controller-wide panic when a workflow pod carries a malformed workflows.argoproj.io/pod-gc-strategy annotation. Because the panic occurs inside an informer goroutine outside the controller's recover scope, it...
CVE-2026-40886
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an unchecked array index in the pod informer's podGCFromPod function causes a controller-wide panic when a workflow pod carries a malformed...
CVE-2026-40886 Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows controller
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an unchecked array index in the pod informer's podGCFromPod function causes a controller-wide panic when a workflow pod carries a malformed...
CVE-2026-40886 Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows controller
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an unchecked array index in the pod informer's podGCFromPod function causes a controller-wide panic when a workflow pod carries a malformed...
CVE-2026-40886
The CVE describes an unchecked array index in Argo Workflows’ pod informer, specifically in podGCFromPod(), which can cause a controller-wide panic when a workflow pod has a malformed workflows.argoproj.io/pod-gc-strategy annotation. Affected versions span 3.6.5 through 4.0.4, with the panic occu...
Argo Workflows 输入验证错误漏洞
Argo Workflows is an open-source container-native workflow engine for Kubernetes, part of the Argo project. Versions 3.6.5 to 4.0.4 of Argo Workflows contain a vulnerability related to input validation errors. This vulnerability stems from insufficient array index checking in the podGCFromPod...
CVE-2026-21514
creationtimestamp| type| source ---|---|--- 2026-02-10 17:30:28+00:00| seen| https://www.thezdi.com/blog/2026/2/10/the-february-2026-security-update-review 2026-02-10 18:11:42+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0058 2026-02-10 18:53:06+00:00| seen|...
CVE-2026-21525
creationtimestamp| type| source ---|---|--- 2026-02-10 17:30:28+00:00| seen| https://www.thezdi.com/blog/2026/2/10/the-february-2026-security-update-review 2026-02-10 18:01:45+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0053 2026-02-10 18:53:06+00:00| seen|...
GHSA-G5P3-F4CQ-94V5
creationtimestamp| type| source ---|---|--- 2026-01-29 21:15:25+00:00| seen| https://infosec.exchange/users/DarkWebInformer/statuses/115980456736557020...
GHSA-M3H4-65J5-6J8C
creationtimestamp| type| source ---|---|--- 2026-01-29 20:49:13+00:00| seen| https://infosec.exchange/users/DarkWebInformer/statuses/115980353620259404...
GHSA-232V-J27C-5PP6
creationtimestamp| type| source ---|---|--- 2026-01-22 00:48:52+00:00| seen| https://infosec.exchange/users/DarkWebInformer/statuses/115935997438542873 2026-01-22 00:51:09+00:00| seen| https://infosec.exchange/users/DarkWebInformer/statuses/115936006347966952 2026-01-24 21:24:05+00:00| seen|...
GHSA-JM76-5G2J-P4HP
creationtimestamp| type| source ---|---|--- 2026-01-20 22:45:40+00:00| seen| https://infosec.exchange/users/DarkWebInformer/statuses/115929850738126657...
CVE-2025-65185
There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows malicious users to enumerate users by entering an OTP code and new password then reviewing application responses...
EUVD-2025-203899
There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows malicious users to enumerate users by entering an OTP code and new password then reviewing application responses...
CVE-2025-65185
There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows malicious users to enumerate users by entering an OTP code and new password then reviewing application responses...
CVE-2025-65185
There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows malicious users to enumerate users by entering an OTP code and new password then reviewing application responses...
CVE-2025-65185
There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows malicious users to enumerate users by entering an OTP code and new password then reviewing application responses...
Entrinsik Informer 安全漏洞
Entrinsik Informer is a business intelligence and data analytics platform from US-based Entrinsik. A security vulnerability exists in Entrinsik Informer version 5.10.1, which stems from the presence of username enumeration at local user login, which could lead to a malicious user enumerating user...