3 matches found
CVE-2026-42295
Affected product/version: Argo Workflows up to 4.0.4 (before 4.0.5). Vulnerability: The workflow executor logs all artifact repository credentials (S3 keys, GCS keys, Azure keys, Git passwords, etc.) in plaintext during artifact operations. This allows any user with read access to workflow pod lo...
PT-2025-41938
Name of the Vulnerable Software and Affected Versions Argo Workflows versions prior to 3.6.12 Argo Workflows versions 3.7.0 through 3.7.2 Description Argo Workflows is a container-native workflow engine for Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact...
PT-2024-13887 · Laf · Laf
Name of the Vulnerable Software and Affected Versions: Laf versions 1.0.0-beta.13 and prior Description: Laf is a cloud development platform that uses communication with k8s to quickly retrieve logs from the container without the need for additional storage. However, the interface does not verify...