We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | GitHub_M |
Reserved | 2024-10-03 |
Published | 2024-10-28 |
Updated | 2024-10-28 |
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controller can be made to crash on-command by any user with access to execute a workflow. This vulnerability is fixed in 3.6.0-rc2.
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
https://github.com/argoproj/argo-workflows/security/advisories/GHSA-ghjw-32xw-ffwr
https://github.com/argoproj/argo-workflows/pull/13641
https://github.com/argoproj/argo-workflows/commit/524406451f4dfa57bf3371fb85becdb56a2b309a