65 matches found
CVE-2026-41184
In Calico, the install-cni init container logs the rendered CNI configuration to standard output. When the configuration template uses the SERVICEACCOUNTTOKEN placeholder (Canal/Flannel-Calico deployments), the installer substitutes the live Kubernetes ServiceAccount bearer token before logging,...
CVE-2026-42295 Argo Workflows: Exposure of artifact repository credentials
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to before version 4.0.5, the workflow executor logs all artifact repository credentials (S3 access keys, secret keys, GCS service account keys, Azure account keys, Gi...
CVE-2026-42295
Affected product/version: Argo Workflows up to 4.0.4 (before 4.0.5). Vulnerability: The workflow executor logs all artifact repository credentials (S3 keys, GCS keys, Azure keys, Git passwords, etc.) in plaintext during artifact operations. This allows any user with read access to workflow pod lo...
Argo Workflows Security Vulnerability
Argo Workflows is an open-source container-native workflow engine for Kubernetes, part of the Argo project. Versions 4.0.0 to 4.0.5 of Argo Workflows had a security vulnerability. This vulnerability stemmed from the fact that the workflow executor recorded all artifact repository credentials in...
Missing Authentication for Critical Function
Overview: Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the UI server WebSocket. An attacker can gain unauthorized access to sensitive endpoints, such as streaming real-time pod logs, opening an interactive shell inside a running pod, or...
Argo vulnerable to exposure of artifact repository credentials
Summary: The workflow executor logs all artifact repository credentials (S3 access keys, secret keys, GCS service account keys, Azure account keys, Git passwords, etc.) in plaintext on artifact operation. Any user with read access to workflow pod logs can extract these credentials. Note: This is an...
PT-2026-37193
Name of the Vulnerable Software and Affected Versions: Argo Workflows versions 4.0.0 through 4.0.4. Description: The workflow executor logs artifact repository credentials in plaintext during artifact operations. This occurs because the logging driver passes the entire ArtifactDriver struct to the...
CVE-2025-62879
A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens (both accessKey and secretKey) into the rancher-backup-operator pod's logs...
CVE-2025-62879 Rancher Backup Operator pod's logs leak S3 tokens
A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens (both accessKey and secretKey) into the rancher-backup-operator pod's logs...
Backup and Restore Operator Log Information Disclosure Vulnerability
Backup and Restore Operator is an open-source Kubernetes application for backup and restoration. The Backup and Restore Operator has a vulnerability related to log information leakage, which stems from the S3 tokens being leaked into the logs of the rancher-backup-operator pod...
CVE-2022-31098
Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. A vulnerability in the logging of Weave GitOps could allow an authenticated remote attacker to view sensitive cluster configurations, aka KubeConfig, of...
Information Disclosure
github.com/argoproj/argo-workflows is vulnerable to Information Disclosure. The vulnerability is due to artifact repository credentials being logged in plaintext within the workflow-controller pod logs, which allows an attacker with permission to read pod logs to obtain these credentials and...
Argo Workflow may expose artifact repository credentials
Summary: An attacker who has permissions to read logs from pods in a namespace with Argo Workflow can read workflow-controller logs and get credentials to the artifact repository. Details: An attacker, by reading the logs of the workflow controller pod, can access the artifact repository, and steal...
Insufficiently Protected Credentials
Overview: Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to workflow-controller logging configuration with credentials in plaintext. An attacker can access sensitive credentials by reading pod logs if they have permissions to view logs in the affected...
PT-2025-41938
Name of the Vulnerable Software and Affected Versions: Argo Workflows versions prior to 3.6.12; Argo Workflows versions 3.7.0 through 3.7.2. Description: Argo Workflows is a container-native workflow engine for Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact...
EUVD-2019-5976
Malware in sbrugna...