Argo Workflows CVE-2026-42295
Severity: High (NVD)
CVSS 4.0 vector (NVD): CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Summary
On every artifact operation, the workflow executor logs all artifact repository credentials (S3 access keys, secret keys, GCS service account keys, Azure account keys, Git passwords, etc.) in plaintext. Any user with read access to workflow pod logs can extract these credentials.
Note: this is the result of an incomplete fix for CVE-2025-62157; the remaining leak is tracked here.
Details
The logging driver passes the entire ArtifactDriver struct to the structured logger as a log field, so every field of the struct, including the credential fields listed below, is rendered into the log line. For example: https://github.com/argoproj/argo-workflows/blob/59f1089b9875723ddffd524513e6bd5cb37e5e31/workflow/artifacts/logging/driver.go#L24
Exposed credential fields:
- S3 (workflow/artifacts/s3/s3.go): AccessKey, SecretKey, SessionToken, ServerSideCustomerKey
- OSS (workflow/artifacts/oss/oss.go): AccessKey, SecretKey, SecurityToken
- GCS (workflow/artifacts/gcs/gcs.go): ServiceAccountKey
PoC
- Create the workflow (the S3 section points at a MinIO instance and reads the credentials from the Secret my-minio-cred):

apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
  name: cred-leak-test
  namespace: argo
spec:
  entrypoint: main
  templates:
    - name: main
      container:
        image: alpine:3.13
        command: [sh, -c]
        args: ["echo 'hello' > /tmp/output.txt"]
      outputs:
        artifacts:
          - name: output
            path: /tmp/output.txt
            s3:
              endpoint: minio:9000
              insecure: true
              bucket: my-bucket
              key: test-output.txt
              accessKeySecret:
                name: my-minio-cred
                key: accesskey
              secretKeySecret:
                name: my-minio-cred
                key: secretkey

- Then check the logs of the wait container, the executor sidecar that performs the artifact upload:

kubectl -n argo logs "cred-leak-test" -c wait

(The original advisory attaches a screenshot of the resulting log output; it is omitted here.)
Impact
Any user with Kubernetes RBAC permissions to read pod logs (get on pods/log) in the workflow namespace can extract artifact repository credentials. Because pod logs are commonly shipped to a central log store, anyone with read access to that store obtains the same credentials without any Kubernetes permissions at all.
Remediation
Within 24 hours: identify every Argo Workflows deployment running v4.0.0 through v4.0.4 and record its version. The image tag is a more reliable indicator than the deployment name; assuming the default install names, for example:
kubectl -n argo get deploy workflow-controller -o jsonpath='{.spec.template.spec.containers[0].image}'
Within 7 days: upgrade to Argo Workflows v4.0.5 or later (GitHub commit bdd40908 or newer) in every affected namespace, then confirm that wait container logs from post-upgrade workflows no longer contain credential values.
Upgrading does not remove credentials already written to logs: rotate the artifact repository credentials (S3, OSS, GCS, and any other configured repository) that executors may have logged, and purge or restrict access to retained executor logs wherever pod logs are aggregated.
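For the "confirm the logs no longer contain credential values" step, an added Go example (not part of the page or of the project) that scans captured executor log lines for known secret values in the forms a leak typically takes: the raw value, its base64 encoding as it appears in a Secret manifest, and its URL-escaped form. The secret values and log lines are constructed samples using the AWS documentation example key pair; in real use you would load the values from the Secret referenced by accessKeySecret/secretKeySecret and pass saved log files on the command line.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"net/url"
	"os"
	"sort"
	"strings"
)

// Leak records one occurrence of a secret value in a log line. Only the
// secret's label is kept, never its value, so the report is safe to print.
type Leak struct {
	Line     int    // 1-based line number in the scanned input
	Secret   string // label of the secret that appeared
	Encoding string // form it appeared in: raw, base64, base64raw or url
}

type encodedForm struct{ name, text string }

// forms lists the representations a secret value takes once it has been
// rendered by a logger, copied out of a Secret manifest or placed in a URL.
// Order matters: the first matching form is the one reported.
func forms(value string) []encodedForm {
	b := []byte(value)
	return []encodedForm{
		{"raw", value},
		{"base64", base64.StdEncoding.EncodeToString(b)},
		{"base64raw", base64.RawStdEncoding.EncodeToString(b)},
		{"url", url.QueryEscape(value)},
	}
}

// findLeaks scans lines for every secret in every form and returns hits in
// line order, then by secret label. Values shorter than 8 bytes are skipped:
// they would match almost anything and are not credentials anyway.
func findLeaks(lines []string, secrets map[string]string) []Leak {
	labels := make([]string, 0, len(secrets))
	for label := range secrets {
		labels = append(labels, label)
	}
	sort.Strings(labels)

	var leaks []Leak
	for i, line := range lines {
		for _, label := range labels {
			value := secrets[label]
			if len(value) < 8 {
				continue
			}
			for _, f := range forms(value) {
				if strings.Contains(line, f.text) {
					leaks = append(leaks, Leak{Line: i + 1, Secret: label, Encoding: f.name})
					break
				}
			}
		}
	}
	return leaks
}

// Constructed sample input: the secret values are the AWS documentation
// example key pair, and the lines imitate an executor log with one struct
// dump, one URL-escaped value, one clean post-fix line and one base64 value
// copied from a Secret manifest.
var sampleSecrets = map[string]string{
	"accesskey": "AKIAIOSFODNN7EXAMPLE",
	"secretkey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
}

var sampleLines = []string{
	`level=info msg="Saving artifact" driver="{Endpoint:minio:9000 Bucket:my-bucket AccessKey:AKIAIOSFODNN7EXAMPLE SecretKey:wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY}"`,
	`level=error msg="upload failed" secret="wJalrXUtnFEMI%2FK7MDENG%2FbPxRfiCYEXAMPLEKEY"`,
	`level=info msg="Saving artifact" driver.endpoint=minio:9000 driver.bucket=my-bucket driver.access_key_set=true`,
	"data: secretkey: " + base64.StdEncoding.EncodeToString([]byte("wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY")),
}

// main scans the files named on the command line (for example the output of
// `kubectl -n argo logs <pod> -c wait > wait.log`), or the built-in sample
// when no files are given, and exits 1 if anything leaked.
func main() {
	lines := sampleLines
	if len(os.Args) > 1 {
		lines = nil
		for _, path := range os.Args[1:] {
			data, err := os.ReadFile(path)
			if err != nil {
				fmt.Fprintln(os.Stderr, err)
				os.Exit(2)
			}
			lines = append(lines, strings.Split(string(data), "\n")...)
		}
	}
	leaks := findLeaks(lines, sampleSecrets)
	for _, l := range leaks {
		fmt.Printf("line %d: %s leaked (%s)\n", l.Line, l.Secret, l.Encoding)
	}
	if len(leaks) > 0 {
		os.Exit(1)
	}
}
```

On the sample the scanner reports the struct dump (both keys, raw), the URL-escaped secret key and the base64 copy, and nothing for the redacted line. The non-zero exit code makes it usable as a post-upgrade gate in CI; the base64 forms are there because the same Secret value is often pasted into manifests and error messages in encoded form and would otherwise slip past a plain string match.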
References
GitHub Security Advisory: GHSA-7vf8-2cr6-54mf