VYPR

Go modules package

github.com/argoproj/argo-workflows

pkg:golang/github.com/argoproj/argo-workflows

Vulnerabilities (3)

  • CVE-2026-31892Mar 11, 2026
    affected >= 2.9.0

    Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 2.9.0 to before 4.0.2 and 3.7.11, A user who can submit Workflows can completely bypass all security settings defined in a WorkflowTemplate by including a podSpec

  • CVE-2026-23960Jan 21, 2026
    affected <= 2.5.3-rc4

    Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.6.17 and 3.7.8, stored XSS in the artifact directory listing allows any workflow author to execute arbitrary JavaScript in another user’s browser u

  • CVE-2025-66626Dec 9, 2025
    affected <= 2.5.3-rc4

    Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions 3.6.13 and below and versions 3.7.0 through 3.7.4, contain unsafe untar code that handles symbolic links in archives. Concretely, the computation of a link's