Github.com/argoproj/argo-workflows/v3
This hub aggregates every CVE we track for Github.com/argoproj/argo-workflows/v3, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
10
CVEs tracked
1
Critical
5
High
0
In CISA KEV
Severity distribution
HIGH5MEDIUM4CRITICAL1
Monthly trend
0
0
0
1
0
1
0
0
0
0
0
0
0
0
0
2
0
1
1
0
2
0
0
0
2024-072026-06
Latest CVEs
The 10 most recently published vulnerabilities affecting Github.com/argoproj/argo-workflows/v3.
- CVE-2026-31892WorkflowTemplate Security Bypass via podSpecPatch in Strict/Secure Reference Mode8.1
- CVE-2026-28229Argo Workflows has unauthorized access to Argo Workflows Template9.8
- CVE-2026-23960Argo Workflows affected by stored XSS in the artifact directory listing5.4
- CVE-2025-66626argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links8.1
- CVE-2025-62157Argo Workflows exposes artifact repository credentials in workflow-controller logs6.5
- CVE-2025-62156argo-workflows Zip Slip path traversal allows arbitrary file write and container configuration overwrite8.1
- CVE-2024-53862Argo Workflows Allows Access to Archived Workflows with Fake Token in `client` mode7.5
- CVE-2024-47827Argo Workflows Controller: Denial of Service via malicious daemon Workflows5.7
- CVE-2022-29164Privilege Escalation in argo-workflows7.1
- CVE-2021-37914In Argo Workflows through 3.1.3, if EXPRESSION_TEMPLATES is enabled and untrusted users are allowed to specify input parameters when running workflows, an attacker may be able to disrupt a workflow...6.5
Product normalization is registry-driven with AI assist and human review. How it works