Vulnerabilities > Argoproj > Argo CD > 1.2.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-27 | CVE-2022-31035 | Unspecified vulnerability in Argoproj Argo CD Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 5.4 |
2022-06-25 | CVE-2022-31016 | Allocation of Resources Without Limits or Throttling vulnerability in Argoproj Argo CD Argo CD is a declarative continuous deployment for Kubernetes. | 6.5 |
2022-05-20 | CVE-2022-24904 | Link Following vulnerability in Argoproj Argo CD Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 4.3 |
2022-05-20 | CVE-2022-24905 | Unspecified vulnerability in Argoproj Argo CD Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 4.3 |
2022-03-23 | CVE-2022-24768 | Missing Authorization vulnerability in Argoproj Argo CD Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 8.8 |
2022-02-04 | CVE-2022-24348 | Path Traversal vulnerability in Argoproj Argo CD Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. | 7.7 |
2021-03-15 | CVE-2021-26924 | Cross-site Scripting vulnerability in Argoproj Argo CD An issue was discovered in Argo CD before 1.8.4. | 6.1 |
2021-03-15 | CVE-2021-26923 | Information Exposure vulnerability in Argoproj Argo CD An issue was discovered in Argo CD before 1.8.4. | 7.5 |
2021-03-03 | CVE-2021-23347 | Cross-site Scripting vulnerability in Argoproj Argo CD The package github.com/argoproj/argo-cd/cmd before 1.7.13, from 1.8.0 and before 1.8.6 are vulnerable to Cross-site Scripting (XSS) the SSO provider connected to Argo CD would have to send back a malicious error message containing JavaScript to the user. | 4.8 |
2021-02-09 | CVE-2021-26921 | Insufficient Session Expiration vulnerability in Argoproj Argo CD In util/session/sessionmanager.go in Argo CD before 1.8.4, tokens continue to work even when the user account is disabled. | 6.5 |