Package impact
GO / github.com/argoproj/argo-workflows/v4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42297 | high | 8.3 | 8.3 | 26d ago | Argo has Missing Authorization in its Sync ConfigMap Provider | |||
| CVE-2026-42296 | high | 8.1 | 8.1 | 26d ago | Argo has incomplete fix for CVE-2026-31892: hostNetwork, securityContext, serviceAccountName bypass templateReferencing Strict/Secure | |||
| CVE-2026-28229 | high | — | 8.0 | 3mo ago | Unauthorized access to Argo Workflows Template | |||
| CVE-2026-42294 | high | 7.5 | 7.5 | 26d ago | Argo Vulnerable to Unauthenticated Memory Exhaustion (DoS) in Webhook Interceptor |