Lucene search
+L

9 matches found

Nuclei
Nuclei
added 9 hours ago73 views

ArgoCD Project API Token Repository Credentials Exposure

Argo CD API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwords through the project details API endpoint, even when the token only has standard application management permissions and no explicit access to secrets. This vulnerability...

9.9CVSS8.6AI score0.04518EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:8 p.m.4 views

CVE-2026-33345

solidtime is an open-source time-tracking app. Prior to version 0.11.6, the project detail endpoint GET /api/v1/organizations/org/projects/project allows any authenticated Employee to access any project in the organization by UUID, including private projects they are not a member of. The index...

6.5CVSS5.7AI score0.00416EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2025/09/11 11:22 p.m.4 views

SUSE CVE-2025-55190

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0.12 and 3.1.0-rc1 through 3.1.1, API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwor...

9.9CVSS6.7AI score0.04518EPSS
Exploits1References2
OSV
OSV
added 2025/09/09 5:36 a.m.6 views

BIT-ARGO-CD-2025-55190 Argo CD: Project API Token Exposes Repository Credentials

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0.12 and 3.1.0 through 3.1.1, API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwords...

9.9CVSS6.1AI score0.04518EPSS
Exploits1References3
Snyk
Snyk
added 2025/09/04 11:42 p.m.2 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the project details API endpoint. An attacker can access sensitive repository credentials by using API tokens with project-level or project get permissions,...

9.9CVSS6.9AI score0.04518EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/04 11:42 p.m.3 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the project details API endpoint. An attacker can access sensitive repository credentials by using API tokens with project-level or project get permissions,...

9.9CVSS6.9AI score0.04518EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/09/04 10:37 p.m.31 views

CVE-2025-55190 Argo CD: Project API Token Exposes Repository Credentials

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0.12 and 3.1.0-rc1 through 3.1.1, API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwor...

9.9CVSS0.04518EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/09/04 10:37 p.m.2 views

CVE-2025-55190 Argo CD: Project API Token Exposes Repository Credentials

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0.12 and 3.1.0-rc1 through 3.1.1, API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwor...

9.9CVSS5.9AI score0.04518EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/09/04 12:0 a.m.4 views

PT-2025-36094

Name of the Vulnerable Software and Affected Versions Argo CD versions 2.13.0 through 2.13.8 Argo CD versions 2.14.0 through 2.14.15 Argo CD versions 3.0.0 through 3.0.12 Argo CD version 3.1.0-rc1 through 3.1.1 Description Argo CD, a declarative GitOps continuous delivery tool for Kubernetes,...

9.9CVSS7.5AI score0.04518EPSS
Exploits1References387
Rows per page
Query Builder