-
Notifications
You must be signed in to change notification settings - Fork 3.2k
Security: argoproj/argo-workflows
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Controller: Denial of Service via malicious daemon WorkflowsGHSA-ghjw-32xw-ffwr published
Oct 28, 2024 by terrytangyuanModerate -
Server: Access to Archived Workflows with incorrect Token in `client` or `sso` modeGHSA-h36c-m3rf-34h9 published
Dec 2, 2024 by JoibelModerate -
Malicious HTML+XHR Artifact Privilege EscalationGHSA-cmv8-6362-r5w9 published
May 4, 2022 by alexecHigh -
Argo Server TLS requests could be forged by attacker with network accessGHSA-6c73-2v8x-qpvm published
Aug 18, 2021 by alexecModerate -
Potential privilege escalation on Kubernetes >= v1.19 when the Argo Sever is run with `--auth-mode=client`GHSA-prqf-xr2j-xf65 published
Aug 18, 2021 by alexecLow -
Workflow re-write vulnerability using input parameterGHSA-h563-xh25-x54q published
Aug 4, 2021 by alexecLow -
Attack on Kubernetes via Misconfigured Argo WorkflowsGHSA-rc7p-gmvh-xfx2 published
Jul 22, 2021 by alexecModerate