pkg:Go/github.com/argoproj/argo-workflows

12 total CVEsHIGH4MEDIUM2

✅ Check your installed version

All known vulnerabilities

  • HIGH8.1CVE-2025-66626RCE via ZipSlip and symbolic links in argoproj/argo-workflows in github.com/argoproj/argo-workflows
    from 0, <= 2.5.3-rc4
  • HIGH8.1CVE-2025-66626RCE via ZipSlip and symbolic links in argoproj/argo-workflows in github.com/argoproj/argo-workflows
    from 0
  • HIGH8.1CVE-2025-62156Argo Workflow has a Zipslip Vulnerability
    from 0
  • HIGH7.5CVE-2026-28229Unauthorized access to Argo Workflows Template
    from 0
  • MEDIUM6.5CVE-2021-37914Workflow re-write vulnerability using input parameter in github.com/argoproj/argo-workflows
    from 0
  • MEDIUM5.7CVE-2024-47827Argo Workflows Controller: Denial of Service via malicious daemon Workflows in github.com/argoproj/argo-workflows
    from 0
  • CVE-2026-31892WorkflowTemplate Security Bypass via podSpecPatch in Strict/Secure Reference Mode
    from 0
  • CVE-2026-31892WorkflowTemplate Security Bypass via podSpecPatch in Strict/Secure Reference Mode
    >= 2.9.0
  • CVE-2026-23960Argo Workflows affected by stored XSS in the artifact directory listing in github.com/argoproj/argo-workflows
    from 0, <= 2.5.3-rc4
  • CVE-2026-23960Argo Workflows affected by stored XSS in the artifact directory listing in github.com/argoproj/argo-workflows
    from 0
  • CVE-2025-62157Argo Workflow may expose artifact repository credentials in github.com/argoproj/argo-workflows
    from 0
  • CVE-2024-53862Access to Archived Argo Workflows with Fake Token in `client` mode
    from 0