Vulnerabilities > Argoproj > Argo CD > 0.12.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-08 | CVE-2020-8827 | Improper Restriction of Excessive Authentication Attempts vulnerability in Argoproj Argo CD As of v1.5.0, the Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures. | 7.5 |
| 2020-04-08 | CVE-2020-8826 | Session Fixation vulnerability in Argoproj Argo CD As of v1.5.0, the Argo web interface authentication system issued immutable tokens. | 7.5 |