Vulnerabilities

CVE-2022-24348

by Fred · 04/02/2022

Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.

Date published : 2022-02-04

https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7

Malicious Kubernetes Helm charts can be used to steal sensitive information from Argo CD deployments

Similar

Tags: Cybersecurity Alert