MEDIUM🇬🇧 English

CVE-2024-47827

CVSS 5.7v3.1pub. 2024-10-28upd. 2026-02-06

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controller can be made to crash on-command by any user with access to execute a workflow. This vulnerability is fixed in 3.6.0-rc2.

oryginał EN
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • Argoproj Argo Workflows

    APP
    Argoproj
    3.6.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Race ConditionContainer
CWE
Referencje

Powiązane podatności

CVE-2026-28229CRITICAL9.8PL ✓ten sam produkt

Argo Workflows: nieautoryzowany dostęp do szablonów workflow i wykradanie sekretów

CVE-2026-42296HIGH8.1ten sam produkt

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernete...

CVE-2026-42294HIGH8.2ten sam produkt

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernete...

CVE-2026-42295HIGH8.5ten sam produkt

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernete...

CVE-2026-42297HIGH8.5ten sam produkt

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernete...