Vulnerabilities in argoproj

62 results
CVE-2022-31016 | MEDIUM | Argo CD vulnerable to Uncontrolled Memory Consumption | EPSS 0.8%
CVE-2022-31034 | HIGH | Insecure entropy in argo-cd | EPSS 0.8%
CVE-2023-22736 | HIGH | argo-cd Controller reconciles apps outside configured namespaces when sharding is enabled | EPSS 0.8%
CVE-2022-31035 | CRITICAL | External URLs for Deployments can include javascript in argo-cd | EPSS 0.8%
CVE-2024-21652 | CRITICAL | Argo CD vulnerable to Bypassing of Brute Force Protection via Application Crash and In-Memory Data Loss | EPSS 0.8%
CVE-2022-31036 | MEDIUM | Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server | EPSS 0.7%
CVE-2024-41666 | MEDIUM | The Argo CD web terminal session does not handle the revocation of user permissions properly. | EPSS 0.7%
CVE-2023-23947 | CRITICAL | Argo CD users with any cluster secret update access may update out-of-bounds cluster secrets | EPSS 0.7%
CVE-2025-32445 | CRITICAL | Users can gain privileged access to the host system and cluster with EventSource and Sensor CR | EPSS 0.7%
CVE-2024-28175 | CRITICAL | Cross-site scripting on application summary component in argo-cd | EPSS 0.7%
CVE-2024-53862 | MEDIUM | Argo Workflows Allows Access to Archived Workflows with Fake Token in `client` mode | EPSS 0.6%
CVE-2022-31105 | HIGH | Argo CD's certificate verification is skipped for connections to OIDC providers | EPSS 0.6%
CVE-2025-66626 | HIGH | argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links | EPSS 0.6%
CVE-2025-59537 | HIGH | argo-cd is vulnerable to unauthenticated DoS attack via malformed Gogs webhook payload | EPSS 0.5%
CVE-2026-42294 | HIGH | Argo Workflows: Unauthenticated Memory Exhaustion (DoS) in Webhook Interceptor | EPSS 0.5%
CVE-2025-62156 | HIGH | argo-workflows Zip Slip path traversal allows arbitrary file write and container configuration overwrite | EPSS 0.5%
CVE-2025-59538 | HIGH | Argo CD is Vulnerable to Unauthenticated Remote DoS via malformed Azure DevOps git.push webhook | EPSS 0.5%
CVE-2025-59531 | HIGH | Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload | EPSS 0.5%
CVE-2023-50726 | MEDIUM | Users with `create` but not `override` privileges can perform local sync in argo-cd | EPSS 0.5%
CVE-2022-31102 | LOW | Cross-site Scripting for Argo CD single sign on users | EPSS 0.5%