CVE-2018-21034

Severity CVSS v4.0:
Pending analysis
Type:
CWE-200 Information Leak / Disclosure
Publication date:
09/04/2020
Last modified:
07/08/2024

Description

In Argo versions prior to v1.5.0-rc1, it was possible for authenticated Argo users to submit API calls to retrieve secrets and other manifests which were stored within git.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:* 1.4.2 (including)