argoproj Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by argoproj
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Privilege Escalation Vulnerability in Argo Events for Kubernetes
CVE-2025-32445ArgoprojArgo-events10CRITICALSecurity Vulnerability in Argo CD Could Lead to Deployment Disruption
CVE-2024-40634ArgoprojArgo-cd7.5HIGHUnauthorized Access to Sensitive Settings in Argo CD
CVE-2024-37152ArgoprojArgo-cdEPSS 24%7.5HIGHUnprivileged Pods Can Connect to Redis Server on Port 6379, Raising Security Concerns
CVE-2024-31989ArgoprojArgo-cdπΎπ‘9CRITICALBrute Force Vulnerability in Argo CD Could Allow Attackers to Bypass Rate Limits and Target Default Admin Account
CVE-2024-21662ArgoprojArgo-cd9.1CRITICALArgo CD vulnerable to Denial of Service (DoS) attack due to unsafe array manipulation in multi-threaded environment
CVE-2024-21661ArgoprojArgo-cd7.5HIGHBrute Force Login Bypass in Argo CD by Vendor Argo Project
CVE-2024-21652ArgoprojArgo-cd9.8CRITICALCross-Site Request Forgery (CSRF) in github.com/argoproj/argo-cd
CVE-2024-22424argoprojargo-cd8.3HIGHCluster secret might leak in cluster details page in Argo CD
CVE-2023-40029ArgoprojArgo-cd9.9CRITICALArgo CD users with any cluster secret update access may update out-of-bounds cluster secrets
CVE-2023-23947ArgoprojArgo-cd9.1CRITICALJWT audience claim is not verified
CVE-2023-22482ArgoprojArgo-cd9.1CRITICALargo-cd Controller reconciles apps outside configured namespaces when sharding is enabled
CVE-2023-22736ArgoprojArgo-cd8.6HIGHArgo CD's certificate verification is skipped for connections to OIDC providers
CVE-2022-31105ArgoprojArgo-cd8.3HIGHExternal URLs for Deployments can include javascript in argo-cd
CVE-2022-31035ArgoprojArgo-cd9CRITICALInsecure entropy in argo-cd
CVE-2022-31034ArgoprojArgo-cd8.3HIGHUses of deprecated API can be used to cause DoS in user-facing endpoints in Argo Events
CVE-2022-31054ArgoprojArgo-events7.5HIGHArgo CD will blindly trust JWT claims if anonymous access is enabled
CVE-2022-29165ArgoprojArgo-cd10CRITICALPrivilege Escalation in argo-workflows
CVE-2022-29164ArgoprojArgo-workflows7.1HIGHImproper access control allows admin privilege escalation in Argo CD
CVE-2022-24768ArgoprojArgo-cd9.9CRITICALPath traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server
CVE-2022-24730ArgoprojArgo-cd7.7HIGH
15 April 2025
22 July 2024
6 June 2024
21 May 2024
18 March 2024
19 January 2024
7 September 2023
16 February 2023
26 January 2023
12 July 2022
27 June 2022
13 June 2022
20 May 2022
6 May 2022
23 March 2022
No more vulnerabilities to load.