Vulnerabilities > Linuxfoundation > Argo Continuous Delivery > 1.7.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-12 | CVE-2021-23135 | Information Exposure Through an Error Message vulnerability in Linuxfoundation Argo Continuous Delivery Exposure of System Data to an Unauthorized Control Sphere vulnerability in web UI of Argo CD allows attacker to cause leaked secret data into web UI error messages and logs. | 2.1 |
2021-02-09 | CVE-2021-26921 | Insufficient Session Expiration vulnerability in Linuxfoundation Argo Continuous Delivery In util/session/sessionmanager.go in Argo CD before 1.8.4, tokens continue to work even when the user account is disabled. | 5.0 |