Vulnerabilities > Argoproj > Argo CD

DATE CVE VULNERABILITY TITLE RISK
2022-05-20 CVE-2022-29165 Authentication Bypass by Spoofing vulnerability in Argoproj Argo CD
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
network
low complexity
argoproj CWE-290
critical
 10.0
10
2022-05-20 CVE-2022-24904 Link Following vulnerability in Argoproj Argo CD
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
network
low complexity
argoproj CWE-59
4.3
4.3
2022-05-20 CVE-2022-24905 Unspecified vulnerability in Argoproj Argo CD
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
network
low complexity
argoproj
4.3
4.3
2022-03-23 CVE-2022-24768 Missing Authorization vulnerability in Argoproj Argo CD
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
network
low complexity
argoproj CWE-862
8.8
8.8
2022-03-23 CVE-2022-24730 Incorrect Authorization vulnerability in Argoproj Argo CD
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
network
low complexity
argoproj CWE-863
6.5
6.5
2022-03-23 CVE-2022-24731 Information Exposure Through an Error Message vulnerability in Argoproj Argo CD
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
network
low complexity
argoproj CWE-209
4.9
4.9
2022-02-16 CVE-2021-3557 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A flaw was found in argocd.
network
low complexity
argoproj redhat CWE-732
6.5
6.5
2022-02-04 CVE-2022-24348 Path Traversal vulnerability in Argoproj Argo CD
Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go.
network
low complexity
argoproj CWE-22
7.7
7.7
2021-05-12 CVE-2021-23135 Information Exposure Through an Error Message vulnerability in Argoproj Argo CD
Exposure of System Data to an Unauthorized Control Sphere vulnerability in web UI of Argo CD allows attacker to cause leaked secret data into web UI error messages and logs.
local
low complexity
argoproj CWE-209
5.5
5.5
2021-03-15 CVE-2021-26924 Cross-site Scripting vulnerability in Argoproj Argo CD
An issue was discovered in Argo CD before 1.8.4.
network
low complexity
argoproj CWE-79
6.1
6.1