CVE-2025-62157
- EPSS 0.03%
- Veröffentlicht 14.10.2025 15:16:12
- Zuletzt bearbeitet 17.11.2025 14:24:01
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-...
CVE-2025-62156
- EPSS 0.11%
- Veröffentlicht 14.10.2025 14:52:44
- Zuletzt bearbeitet 17.11.2025 14:27:17
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 contain a Zip Slip path traversal vulnerability in artifact extraction. During ...
CVE-2024-53862
- EPSS 0.07%
- Veröffentlicht 02.12.2024 16:15:14
- Zuletzt bearbeitet 29.10.2025 14:29:09
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. When using `--auth-mode=client`, Archived Workflows can be retrieved with a fake or spoofed token via the GET Workflow endpoint: `/api/v1...
CVE-2024-47827
- EPSS 0.15%
- Veröffentlicht 28.10.2024 16:15:03
- Zuletzt bearbeitet 05.11.2024 16:50:27
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controller can be made to crash on-command by any user with...
CVE-2022-29164
- EPSS 0.33%
- Veröffentlicht 06.05.2022 00:15:07
- Zuletzt bearbeitet 21.11.2024 06:58:37
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. In affected versions an attacker can create a workflow which produces a HTML artifact containing an HTML file that contains a script whic...