pkg:Go/github.com/argoproj/argo-workflows/v4

共 10 筆 CVEHIGH4

✅ 檢查你的版本

所有已知漏洞

  • HIGH8.1CVE-2026-42296Argo has incomplete fix for CVE-2026-31892: hostNetwork, securityContext, serviceAccountName bypass templateReferencing Strict/Secure
    >= 4.0.0, < 4.0.5
  • HIGH7.7CVE-2026-40886Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows controller
    >= 4.0.0, < 4.0.5
  • HIGH7.5CVE-2026-28229Unauthorized access to Argo Workflows Template
    from 0, < 4.0.2
  • HIGH7.5CVE-2026-28229Unauthorized access to Argo Workflows Template
    from 0, < 4.0.2
  • CVE-2026-42295Argo vulnerable to exposure of artifact repository credentials
    >= 4.0.0, < 4.0.5
  • CVE-2026-42294Argo Vulnerable to Unauthenticated Memory Exhaustion (DoS) in Webhook Interceptor
    >= 4.0.0, < 4.0.5
  • CVE-2026-42183Argo Affected by SSO RBAC Delegation Nil Pointer Dereference DoS (gatekeeper.go)
    >= 4.0.0, < 4.0.5
  • CVE-2026-42297Argo has Missing Authorization in its Sync ConfigMap Provider
    >= 4.0.0, < 4.0.5
  • CVE-2026-31892WorkflowTemplate Security Bypass via podSpecPatch in Strict/Secure Reference Mode
    from 0, < 4.0.2
  • CVE-2026-31892WorkflowTemplate Security Bypass via podSpecPatch in Strict/Secure Reference Mode
    from 0, < 4.0.2