Argo Cd Security Vulnerabilities and Issues — Argo Cd CVE List

Lucene search

ArgoprojArgo Cd

3 matches found

CVE•added 2022/07/12 10:15 p.m.•693 views

CVE-2022-31105

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation bug which could cause Argo CD to trust a malicious (or otherwise untrustworthy) OpenID Connect (OID...

9.6CVSS8.6AI score0.00241EPSS

CVE•added 2022/07/12 10:15 p.m.•498 views

CVE-2022-31102

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the /auth/callback page in a victim's browser. This vu...

6.1CVSS5AI score0.00337EPSS

CVE•added 2022/07/12 9:15 p.m.•249 views

CVE-2022-1025

All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level.

9CVSS8.6AI score0.00304EPSS