Exposure of System Data to an Unauthorized Control Sphere vulnerability in web UI of Argo CD allows attacker to cause leaked secret data into web UI error messages and logs. This issue affects Argo CD 1.8 versions prior to 1.8.7; 1.7 versions prior to 1.7.14.
References
Link | Resource |
---|---|
https://github.com/argoproj/argo-cd/security/advisories/GHSA-fp89-h8pj-8894 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
30 Aug 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-209 |
01 Jun 2021, 20:08
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 2.1
v3 : 5.5 |
CWE | CWE-668 | |
References | (MISC) https://github.com/argoproj/argo-cd/security/advisories/GHSA-fp89-h8pj-8894 - Third Party Advisory | |
CPE | cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:* |
12 May 2021, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-05-12 23:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-23135
Mitre link : CVE-2021-23135
CVE.ORG link : CVE-2021-23135
JSON object : View
Products Affected
linuxfoundation
- argo_continuous_delivery