CVE-2021-23135

Published May 12th, 2021

View on NVD ↗

CVSS v3

5.9

MEDIUM

CVSS v2

2.1

LOW

Affected

PROJECT

Description

Exposure of System Data to an Unauthorized Control Sphere vulnerability in web UI of Argo CD allows attacker to cause leaked secret data into web UI error messages and logs. This issue affects Argo CD 1.8 versions prior to 1.8.7; 1.7 versions prior to 1.7.14.

argoproj/argo-cd

Declarative Continuous Deployment for Kubernetes

GitHub

23K