Skip to main content

Argo Events

2 CVEs product

Monthly

CVE-2022-25856 Go HIGH POC PATCH This Week

The package github.com/argoproj/argo-events/sensors/artifacts before 1.7.1 are vulnerable to Directory Traversal in the (g *GitArtifactReader).Read() API in git.go. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Argo Events
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-31054 Go HIGH PATCH This Week

Argo Events is an event-driven workflow automation framework for Kubernetes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Kubernetes Argo Events
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

The package github.com/argoproj/argo-events/sensors/artifacts before 1.7.1 are vulnerable to Directory Traversal in the (g *GitArtifactReader).Read() API in git.go. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Argo Events
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Argo Events is an event-driven workflow automation framework for Kubernetes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Kubernetes Argo Events
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy