Skip to main content

Argo Workflows CVE-2026-42295

HIGH
Insufficiently Protected Credentials (CWE-522)
2026-05-04 https://github.com/argoproj/argo-workflows GHSA-7vf8-2cr6-54mf
8.5
CVSS 4.0 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.5 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Red Hat
5.5 MEDIUM
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

5
Analysis Updated
May 09, 2026 - 04:28 vuln.today
v2 (cvss_changed)
Re-analysis Queued
May 09, 2026 - 04:22 vuln.today
cvss_changed
CVSS changed
May 09, 2026 - 04:22 NVD
8.5 (HIGH)
Source Code Evidence Fetched
May 04, 2026 - 21:02 vuln.today
Analysis Generated
May 04, 2026 - 21:02 vuln.today

DescriptionGitHub Advisory

Summary

The workflow executor logs all artifact repository credentials (S3 access keys, secret keys, GCS service account keys, Azure account keys, Git passwords, etc.) in plaintext on artifact operation. Any user with read access to workflow pod logs can extract these credentials.

Note: This is an incomplete fix of CVE-2025-62157

Details

The logging driver passes the entire ArtifactDriver struct to the structured logger, for example: https://github.com/argoproj/argo-workflows/blob/59f1089b9875723ddffd524513e6bd5cb37e5e31/workflow/artifacts/logging/driver.go#L24

Exposed credential fields:

  • S3 (workflow/artifacts/s3/s3.go): AccessKey, SecretKey, SessionToken, ServerSideCustomerKey
  • OSS (workflow/artifacts/oss/oss.go): AccessKey, SecretKey, SecurityToken
  • GCS (workflow/artifacts/gcs/gcs.go): ServiceAccountKey

PoC

  1. Create template
yml
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
  name: cred-leak-test
  namespace: argo
spec:
  entrypoint: main
  templates:
  - name: main
    container:
      image: alpine:3.13
      command: [sh, -c]
      args: ["echo 'hello' > /tmp/output.txt"]
    outputs:
      artifacts:
      - name: output
        path: /tmp/output.txt
        s3:
          endpoint: minio:9000
          insecure: true
          bucket: my-bucket
          key: test-output.txt
          accessKeySecret:
            name: my-minio-cred
            key: accesskey
          secretKeySecret:
            name: my-minio-cred
            key: secretkey
  1. Then check the logs

kubectl -n argo logs "cred-leak-test" -c wait <img width="1248" height="322" alt="image" src="https://github.com/user-attachments/assets/a5cf6d66-7d67-408d-8583-27d11ecf1507" />

Impact

Any user with Kubernetes RBAC permissions to read pod logs in the workflow namespace can extract artifact repository credentials.

AnalysisAI

Argo Workflows executor logs artifact repository credentials in plaintext to pod logs during artifact operations, exposing S3 access/secret keys, GCS service account keys, Azure storage keys, and Git passwords. Users with Kubernetes RBAC permissions to read pod logs in the workflow namespace can extract these credentials directly from workflow execution logs. This vulnerability affects Argo Workflows v4.0.0 through v4.0.4 and represents an incomplete fix of CVE-2025-62157. Vendor-released patch (v4.0.5) is available with GitHub commit bdd40908 removing credential-bearing struct logging. No public exploit identified at time of analysis, though exploitation is trivial given the included working proof-of-concept YAML.

Technical ContextAI

The vulnerability exists in Argo Workflows' artifact logging driver (workflow/artifacts/logging/driver.go), a Kubernetes-native workflow orchestration engine written in Go. The logging infrastructure passes entire ArtifactDriver structs to structured loggers using log.WithField("driver", d.ArtifactDriver), which serializes all struct fields including sensitive credential material. Affected artifact drivers include S3 (AccessKey, SecretKey, SessionToken, ServerSideCustomerKey), Alibaba OSS (AccessKey, SecretKey, SecurityToken), and Google Cloud Storage (ServiceAccountKey). This falls under CWE-522 (Insufficiently Protected Credentials), where secrets are exposed through unintended channels. The fix removes credential-bearing struct logging and switches to generic informational messages, demonstrating that credentials were never functionally necessary in log output. The underlying issue is a common Go logging anti-pattern where developers log entire structs without implementing custom masking methods or using struct tags to exclude sensitive fields. Kubernetes RBAC model exacerbates this because pod log access is a common debugging permission that inadvertently grants credential access when logs contain secrets.

RemediationAI

Upgrade to Argo Workflows v4.0.5 or later, released at https://github.com/argoproj/argo-workflows/releases/tag/v4.0.5, which implements the complete fix via commit bdd40908580f727c590c8743836e338b04fe4a87. The patch removes credential-bearing struct logging from workflow/artifacts/logging/driver.go, replacing log.WithField calls containing ArtifactDriver structs with generic informational messages. After upgrading, rotate all artifact repository credentials that may have been exposed in logs, including S3 access keys, GCS service account keys, Azure storage account keys, and Git tokens referenced in workflow templates. Purge historical pod logs from aggregation systems (Splunk, ELK, CloudWatch, Loki) covering the exposure period to prevent retroactive credential harvesting. For environments unable to immediately upgrade, implement a compensating control by restricting Kubernetes RBAC pod log read permissions (verbs: get, list on resource: pods/log) to only essential service accounts and administrators. This mitigation reduces attack surface but does not eliminate credential exposure in logs - service accounts and cluster admins with log access can still extract credentials. Additionally, configure log rotation with short retention periods (24-48 hours) and disable centralized log shipping for the argo namespace until patching is complete. Note these workarounds significantly impact debugging capabilities and should only be temporary measures.

CVE-2025-1974 CRITICAL POC
9.8 Mar 25

A critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access

CVE-2026-45321 CRITICAL POC
9.6 May 12

Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio

CVE-2025-1098 HIGH POC
8.8 Mar 25

Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress

CVE-2025-24514 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingres

CVE-2025-1097 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-c

CVE-2020-8554 MEDIUM POC
6.3 Jan 21

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.exter

CVE-2025-55190 CRITICAL POC
9.9 Sep 04

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.9), this vulne

CVE-2018-18843 CRITICAL POC
10.0 Dec 04

The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4

CVE-2026-22039 CRITICAL POC
9.9 Jan 27

Kyverno Kubernetes policy engine prior to 1.x has a privilege escalation vulnerability (CVSS 9.9) allowing policy bypass

CVE-2024-42480 CRITICAL POC
9.9 Aug 12

Kamaji is the Hosted Control Plane Manager for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is rem

CVE-2023-28110 CRITICAL POC
9.9 Mar 16

Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, ref

CVE-2026-25996 CRITICAL POC
9.8 Feb 12

String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter

Vendor StatusVendor

Share

CVE-2026-42295 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy