VYPR

Argo Helm

by Argoproj

Source repositories

CVEs (2)

  • CVE-2024-52799HigNov 21, 2024
    risk 0.46cvss 8.2epss 0.00

    Argo Workflows Chart is used to set up argo and its needed dependencies through one command. Prior to 0.44.0, the workflow-role has excessive privileges, the worst being create pods/exec, which will allow kubectl exec into any Pod in the same namespace, i.e. arbitrary code…

  • CVE-2024-52814LowNov 22, 2024
    risk 0.11cvss 2.8epss 0.00

    Argo Helm is a collection of community maintained charts for `argoproj.github.io` projects. Prior to version 0.45.0, the `workflow-role`) lacks granularity in its privileges, giving permissions to `workflowtasksets` and `workflowartifactgctasks` to all workflow Pods, when only…