Vulnerability-Lookup

Vulnerability from cleanstart

Published

2026-01-30 16:11

Modified

2026-01-29 18:58

Summary

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes

Details

Multiple security vulnerabilities affect the argo-cd package. Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2025-55190	WEB
	https://osv.dev/vulnerability/CVE-2025-55191	WEB
	https://osv.dev/vulnerability/CVE-2025-59537	WEB
	https://osv.dev/vulnerability/CVE-2025-59538	WEB
	https://osv.dev/vulnerability/GHSA-2V5J-VHC3-9CWM	WEB
	https://osv.dev/vulnerability/GHSA-2VGG-9H3W-QBR4	WEB
	https://osv.dev/vulnerability/GHSA-2XSJ-VH29-9CWM	WEB
	https://osv.dev/vulnerability/GHSA-3WGM-2MW2-VH5M	WEB
	https://osv.dev/vulnerability/GHSA-6V2P-P543-PHR9	WEB
	https://osv.dev/vulnerability/GHSA-92CP-5422-2M47	WEB
	https://osv.dev/vulnerability/GHSA-93MQ-9FFX-83M2	WEB
	https://osv.dev/vulnerability/GHSA-MH63-6H87-95CP	WEB
	https://osv.dev/vulnerability/GHSA-MW99-9CHC-XW7R	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-55190	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-55191	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-59537	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-59538	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "argo-cd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.1.8.-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the argo-cd package. Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-CZ81512",
  "modified": "2026-01-29T18:58:54Z",
  "published": "2026-01-30T16:11:25.451968Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CZ81512"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-55190"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-55191"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-59537"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-59538"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-2V5J-VHC3-9CWM"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-2VGG-9H3W-QBR4"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-2XSJ-VH29-9CWM"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-3WGM-2MW2-VH5M"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-6V2P-P543-PHR9"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-92CP-5422-2M47"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-93MQ-9FFX-83M2"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-MH63-6H87-95CP"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-MW99-9CHC-XW7R"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55190"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55191"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59537"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59538"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes",
  "upstream": [
    "CVE-2025-55190",
    "CVE-2025-55191",
    "CVE-2025-59537",
    "CVE-2025-59538",
    "GHSA-2V5J-VHC3-9CWM",
    "GHSA-2VGG-9H3W-QBR4",
    "GHSA-2XSJ-VH29-9CWM",
    "GHSA-3WGM-2MW2-VH5M",
    "GHSA-6V2P-P543-PHR9",
    "GHSA-92CP-5422-2M47",
    "GHSA-93MQ-9FFX-83M2",
    "GHSA-MH63-6H87-95CP",
    "GHSA-MW99-9CHC-XW7R"
  ]
}

GHSA-93MQ-9FFX-83M2

Vulnerability from github – Published: 2025-03-17 21:26 – Updated: 2025-03-17 21:26

Summary

Memory Exhaustion in Expr Parser with Unrestricted Input

Details

Impact

If the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree (AST) node for each part of the expression. In scenarios where input size isn’t limited, a malicious or inadvertent extremely large expression can consume excessive memory as the parser builds a huge AST. This can ultimately lead to excessive memory usage and an Out-Of-Memory (OOM) crash of the process. This issue is relatively uncommon and will only manifest when there are no restrictions on the input size, i.e. the expression length is allowed to grow arbitrarily large. In typical use cases where inputs are bounded or validated, this problem would not occur.

Patches

The problem has been patched in the latest versions of the Expr library. The fix introduces compile-time limits on the number of AST nodes and memory usage during parsing, preventing any single expression from exhausting resources. Users should upgrade to Expr version 1.17.0 or later, as this release includes the new node budget and memory limit safeguards. Upgrading to v1.17.0 ensures that extremely deep or large expressions are detected and safely aborted during compilation, avoiding the OOM condition.

Workarounds

For users who cannot immediately upgrade, the recommended workaround is to impose an input size restriction before parsing. In practice, this means validating or limiting the length of expression strings that your application will accept. For example, set a maximum allowable number of characters (or nodes) for any expression and reject or truncate inputs that exceed this limit. By ensuring no unbounded-length expression is ever fed into the parser, you can prevent the parser from constructing a pathologically large AST and avoid potential memory exhaustion. In short, pre-validate and cap input size as a safeguard in the absence of the patch.

References

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/expr-lang/expr"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.17.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-29786"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-770"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-03-17T21:26:22Z",
    "nvd_published_at": "2025-03-17T14:15:22Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nIf the Expr expression parser is given an **unbounded input string**, it will attempt to compile the *entire* string and generate an Abstract Syntax Tree (AST) node for each part of the expression. In scenarios where input size isn\u2019t limited, a malicious or inadvertent extremely large expression can consume excessive memory as the parser builds a huge AST. This can ultimately lead to **excessive memory usage** and an **Out-Of-Memory (OOM) crash** of the process. This issue is relatively uncommon and will only manifest when there are **no restrictions on the input size**, i.e. the expression length is allowed to grow arbitrarily large. In typical use cases where inputs are bounded or validated, this problem would not occur.\n\n### Patches\n\nThe problem has been **patched** in the latest versions of the Expr library. The fix introduces compile-time limits on the number of AST nodes and memory usage during parsing, preventing any single expression from exhausting resources. Users should upgrade to **Expr version 1.17.0 or later**, as this release includes the new node budget and memory limit safeguards. Upgrading to v1.17.0 ensures that extremely deep or large expressions are detected and safely aborted during compilation, avoiding the OOM condition.\n\n### Workarounds\n\nFor users who cannot immediately upgrade, the recommended workaround is to **impose an input size restriction before parsing**. In practice, this means validating or limiting the length of expression strings that your application will accept. For example, set a maximum allowable number of characters (or nodes) for any expression and reject or truncate inputs that exceed this limit. By ensuring no unbounded-length expression is ever fed into the parser, you can prevent the parser from constructing a pathologically large AST and avoid potential memory exhaustion. In short, **pre-validate and cap input size** as a safeguard in the absence of the patch.\n\n### References\n\n- #762",
  "id": "GHSA-93mq-9ffx-83m2",
  "modified": "2025-03-17T21:26:22Z",
  "published": "2025-03-17T21:26:22Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/expr-lang/expr/security/advisories/GHSA-93mq-9ffx-83m2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29786"
    },
    {
      "type": "WEB",
      "url": "https://github.com/expr-lang/expr/pull/762"
    },
    {
      "type": "WEB",
      "url": "https://github.com/expr-lang/expr/commit/0d19441454426d2f58edb22c31f3ba5f99c7a26e"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/expr-lang/expr"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Memory Exhaustion in Expr Parser with Unrestricted Input"
}

GHSA-6V2P-P543-PHR9

Vulnerability from github – Published: 2025-07-18 17:27 – Updated: 2025-07-18 17:27

Summary

golang.org/x/oauth2 Improper Validation of Syntactic Correctness of Input vulnerability

Details

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "golang.org/x/oauth2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.27.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-22868"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1286"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-18T17:27:22Z",
    "nvd_published_at": "2025-02-26T08:14:24Z",
    "severity": "HIGH"
  },
  "details": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.",
  "id": "GHSA-6v2p-p543-phr9",
  "modified": "2025-07-18T17:27:22Z",
  "published": "2025-07-18T17:27:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
    },
    {
      "type": "WEB",
      "url": "https://go.dev/cl/652155"
    },
    {
      "type": "WEB",
      "url": "https://go.dev/issue/71490"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2025-3488"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "golang.org/x/oauth2 Improper Validation of Syntactic Correctness of Input vulnerability"
}

GHSA-MH63-6H87-95CP

Vulnerability from github – Published: 2025-03-21 22:04 – Updated: 2025-04-10 13:02

Summary

jwt-go allows excessive memory allocation during header parsing

Details

Summary

Function parse.ParseUnverified currently splits (via a call to strings.Split) its argument (which is untrusted data) on periods.

As a result, in the face of a malicious request whose Authorization header consists of Bearer followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function's argument), with a constant factor of about 16. Relevant weakness: CWE-405: Asymmetric Resource Consumption (Amplification)

Details

See parse.ParseUnverified

Impact

Excessive memory allocation

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.7 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/golang-jwt/jwt/v5"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0-rc.1"
            },
            {
              "fixed": "5.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/golang-jwt/jwt/v4"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.5.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/golang-jwt/jwt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.2.0"
            },
            {
              "last_affected": "3.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-30204"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-405"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-03-21T22:04:00Z",
    "nvd_published_at": "2025-03-21T22:15:26Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\nFunction [`parse.ParseUnverified`](https://github.com/golang-jwt/jwt/blob/c035977d9e11c351f4c05dfeae193923cbab49ee/parser.go#L138-L139) currently splits (via a call to [strings.Split](https://pkg.go.dev/strings#Split)) its argument (which is untrusted data) on periods.\n\nAs a result, in the face of a malicious request whose _Authorization_ header consists of `Bearer ` followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function\u0027s argument), with a constant factor of about 16. Relevant weakness: [CWE-405: Asymmetric Resource Consumption (Amplification)](https://cwe.mitre.org/data/definitions/405.html)\n\n### Details\n\nSee [`parse.ParseUnverified`](https://github.com/golang-jwt/jwt/blob/c035977d9e11c351f4c05dfeae193923cbab49ee/parser.go#L138-L139) \n\n### Impact\n\nExcessive memory allocation",
  "id": "GHSA-mh63-6h87-95cp",
  "modified": "2025-04-10T13:02:34Z",
  "published": "2025-03-21T22:04:00Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204"
    },
    {
      "type": "WEB",
      "url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/golang-jwt/jwt/commit/bf316c48137a1212f8d0af9288cc9ce8e59f1afb"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/golang-jwt/jwt"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20250404-0002"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "jwt-go allows excessive memory allocation during header parsing"
}

GHSA-MW99-9CHC-XW7R

Vulnerability from github – Published: 2023-12-27 15:06 – Updated: 2025-01-06 15:20

Summary

Maliciously crafted Git server replies can cause DoS on go-git clients

Details

Impact

A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients.

Applications using only the in-memory filesystem supported by go-git are not affected by this vulnerability. This is a go-git implementation issue and does not affect the upstream git cli.

Patches

Users running versions of go-git from v4 and above are recommended to upgrade to v5.11 in order to mitigate this vulnerability.

Workarounds

In cases where a bump to the latest version of go-git is not possible, we recommend limiting its use to only trust-worthy Git servers.

Credit

Thanks to Ionut Lalu for responsibly disclosing this vulnerability to us.

References

GHSA-mw99-9chc-xw7r

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/go-git/go-git/v5"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.11.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "gopkg.in/src-d/go-git.v4"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.7.1"
            },
            {
              "last_affected": "4.13.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-49568"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-12-27T15:06:52Z",
    "nvd_published_at": "2024-01-12T11:15:12Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nA denial of service (DoS) vulnerability was discovered in go-git versions prior to `v5.11`. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in `go-git` clients. \n\nApplications using only the in-memory filesystem supported by `go-git` are not affected by this vulnerability.\nThis is a `go-git` implementation issue and does not affect the upstream `git` cli.\n\n### Patches\nUsers running versions of `go-git` from `v4` and above are recommended to upgrade to `v5.11` in order to mitigate this vulnerability.\n\n### Workarounds\nIn cases where a bump to the latest version of `go-git` is not possible, we recommend limiting its use to only trust-worthy Git servers.\n\n## Credit\nThanks to Ionut Lalu for responsibly disclosing this vulnerability to us.\n\n### References\n- [GHSA-mw99-9chc-xw7r](https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r)\n",
  "id": "GHSA-mw99-9chc-xw7r",
  "modified": "2025-01-06T15:20:39Z",
  "published": "2023-12-27T15:06:52Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/go-git/go-git"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Maliciously crafted Git server replies can cause DoS on go-git clients"
}

CVE-2025-55190 (GCVE-0-2025-55190)

Vulnerability from cvelistv5 – Published: 2025-09-04 22:37 – Updated: 2025-09-05 16:07

Title

Argo CD: Project API Token Exposes Repository Credentials

Summary

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0.12 and 3.1.0-rc1 through 3.1.1, API tokens with project-level permissions are able to retrieve sensitive repository credentials (usernames, passwords) through the project details API endpoint, even when the token only has standard application management permissions and no explicit access to secrets. This vulnerability does not only affect project-level permissions. Any token with project get permissions is also vulnerable, including global permissions such as: `p, role/user, projects, get, *, allow`. This issue is fixed in versions 2.13.9, 2.14.16, 3.0.14 and 3.1.2.

Severity ?

10 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

GitHub_M

References

URL

Tags

	https://github.com/argoproj/argo-cd/security/advi…	x_refsource_CONFIRM
	https://github.com/argoproj/argo-cd/commit/e8f861…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	argoproj	argo-cd	Affected: >= 2.13.0, < 2.13.9 Affected: >= 2.14.0, < 2.14.16 Affected: >= 3.0.0, < 3.0.14 Affected: >= 3.1.0-rc1, < 3.1.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-55190",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-05T16:07:11.324151Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-05T16:07:25.315Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "argo-cd",
          "vendor": "argoproj",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.13.0, \u003c 2.13.9"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.14.0, \u003c 2.14.16"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.0.0, \u003c 3.0.14"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.1.0-rc1, \u003c 3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0.12 and 3.1.0-rc1 through 3.1.1, API tokens with project-level permissions are able to retrieve sensitive repository credentials (usernames, passwords) through the project details API endpoint, even when the token only has standard application management permissions and no explicit access to secrets. This vulnerability does not only affect project-level permissions. Any token with project get permissions is also vulnerable, including global permissions such as: `p, role/user, projects, get, *, allow`. This issue is fixed in versions 2.13.9, 2.14.16, 3.0.14 and 3.1.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-04T22:37:52.811Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-786q-9hcg-v9ff",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-786q-9hcg-v9ff"
        },
        {
          "name": "https://github.com/argoproj/argo-cd/commit/e8f86101f5378662ae6151ce5c3a76e9141900e8",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/argo-cd/commit/e8f86101f5378662ae6151ce5c3a76e9141900e8"
        }
      ],
      "source": {
        "advisory": "GHSA-786q-9hcg-v9ff",
        "discovery": "UNKNOWN"
      },
      "title": "Argo CD: Project API Token Exposes Repository Credentials"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-55190",
    "datePublished": "2025-09-04T22:37:52.811Z",
    "dateReserved": "2025-08-08T21:55:07.963Z",
    "dateUpdated": "2025-09-05T16:07:25.315Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-55191 (GCVE-0-2025-55191)

Vulnerability from cvelistv5 – Published: 2025-09-30 22:52 – Updated: 2025-10-06 18:32

Title

Repository Credentials Race Condition Crashes Argo CD Server

Summary

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions between 2.1.0 and 2.14.19, 3.2.0-rc1, 3.1.0-rc1 through 3.1.7, and 3.0.0-rc1 through 3.0.18 contain a race condition in the repository credentials handler that can cause the Argo CD server to panic and crash when concurrent operations are performed on the same repository URL. The vulnerability is located in numerous repository related handlers in the util/db/repository_secrets.go file. A valid API token with repositories resource permissions (create, update, or delete actions) is required to trigger the race condition. This vulnerability causes the entire Argo CD server to crash and become unavailable. Attackers can repeatedly and continuously trigger the race condition to maintain a denial-of-service state, disrupting all GitOps operations. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/argoproj/argo-cd/security/advi…	x_refsource_CONFIRM
	https://github.com/argoproj/argo-cd/pull/6103	x_refsource_MISC
	https://github.com/argoproj/argo-cd/commit/701bc5…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	argoproj	argo-cd	Affected: >= 2.1.0, < 2.14.20 Affected: = 3.2.0-rc1 Affected: >= 3.1.0-rc1, < 3.1.8 Affected: >= 3.0.0-rc1, < 3.0.19

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-55191",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-06T18:32:25.830089Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-06T18:32:34.110Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "argo-cd",
          "vendor": "argoproj",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.1.0, \u003c 2.14.20"
            },
            {
              "status": "affected",
              "version": "= 3.2.0-rc1"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.1.0-rc1, \u003c 3.1.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.0.0-rc1, \u003c 3.0.19"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions between 2.1.0 and 2.14.19, 3.2.0-rc1, 3.1.0-rc1 through 3.1.7, and 3.0.0-rc1 through 3.0.18 contain a race condition in the repository credentials handler that can cause the Argo CD server to panic and crash when concurrent operations are performed on the same repository URL. The vulnerability is located in numerous repository related handlers in the util/db/repository_secrets.go file. A valid API token with repositories resource permissions (create, update, or delete actions) is required to trigger the race condition. This vulnerability causes the entire Argo CD server to crash and become unavailable. Attackers can repeatedly and continuously trigger the race condition to maintain a denial-of-service state, disrupting all GitOps operations. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-30T22:52:19.838Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g88p-r42r-ppp9",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g88p-r42r-ppp9"
        },
        {
          "name": "https://github.com/argoproj/argo-cd/pull/6103",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/argo-cd/pull/6103"
        },
        {
          "name": "https://github.com/argoproj/argo-cd/commit/701bc50d01c752cad96185f848088d287a97c7b7",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/argo-cd/commit/701bc50d01c752cad96185f848088d287a97c7b7"
        }
      ],
      "source": {
        "advisory": "GHSA-g88p-r42r-ppp9",
        "discovery": "UNKNOWN"
      },
      "title": "Repository Credentials Race Condition Crashes Argo CD Server"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-55191",
    "datePublished": "2025-09-30T22:52:19.838Z",
    "dateReserved": "2025-08-08T21:55:07.963Z",
    "dateUpdated": "2025-10-06T18:32:34.110Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-59537 (GCVE-0-2025-59537)

Vulnerability from cvelistv5 – Published: 2025-10-01 21:01 – Updated: 2025-10-02 15:54

Title

argo-cd is vulnerable to unauthenticated DoS attack via malformed Gogs webhook payload

Summary

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD’s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-20 - Improper Input Validation
CWE-476 - NULL Pointer Dereference

Assigner

GitHub_M

References

URL

Tags

	https://github.com/argoproj/argo-cd/security/advi…	x_refsource_CONFIRM
	https://github.com/argoproj/argo-cd/commit/761fc2…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	argoproj	argo-cd	Affected: >= 1.2.0, <= 1.8.7 Affected: >= 2.0.0-rc1, < 2.14.20 Affected: >= 3.2.0-rc1, < 3.2.0-rc2 Affected: >= 3.1.0-rc1, < 3.1.8 Affected: >= 3.0.0-rc1, < 3.0.19

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59537",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-02T15:35:13.081671Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-02T15:54:17.919Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "argo-cd",
          "vendor": "argoproj",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.2.0, \u003c= 1.8.7"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.0.0-rc1, \u003c 2.14.20"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.2.0-rc1, \u003c 3.2.0-rc2"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.1.0-rc1, \u003c 3.1.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.0.0-rc1, \u003c 3.0.19"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-01T21:01:36.519Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
        },
        {
          "name": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43"
        }
      ],
      "source": {
        "advisory": "GHSA-wp4p-9pxh-cgx2",
        "discovery": "UNKNOWN"
      },
      "title": "argo-cd is vulnerable to unauthenticated DoS attack via malformed Gogs webhook payload"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-59537",
    "datePublished": "2025-10-01T21:01:36.519Z",
    "dateReserved": "2025-09-17T17:04:20.373Z",
    "dateUpdated": "2025-10-02T15:54:17.919Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-59538 (GCVE-0-2025-59538)

Vulnerability from cvelistv5 – Published: 2025-10-01 21:09 – Updated: 2025-10-02 15:54

Title

Argo CD is Vulnerable to Unauthenticated Remote DoS via malformed Azure DevOps git.push webhook

Summary

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoint crashes the entire argocd-server process when it receives an Azure DevOps Push event whose JSON array resource.refUpdates is empty. The slice index [0] is accessed without a length check, causing an index-out-of-range panic. A single unauthenticated HTTP POST is enough to kill the process. This issue is resolved in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-248 - Uncaught Exception
CWE-703 - Improper Check or Handling of Exceptional Conditions

Assigner

GitHub_M

References

URL

Tags

	https://github.com/argoproj/argo-cd/security/advi…	x_refsource_CONFIRM
	https://github.com/argoproj/argo-cd/commit/1a023f…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	argoproj	argo-cd	Affected: >= 2.9.0-rc1, < 2.14.20 Affected: >= 3.2.0-rc1, < 3.2.0-rc2 Affected: >= 3.1.0-rc1, < 3.1.8 Affected: >= 3.0.0-rc1, < 3.0.19

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59538",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-02T15:32:22.380180Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-02T15:54:11.490Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "argo-cd",
          "vendor": "argoproj",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.9.0-rc1, \u003c 2.14.20"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.2.0-rc1, \u003c 3.2.0-rc2"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.1.0-rc1, \u003c 3.1.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.0.0-rc1, \u003c 3.0.19"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoint crashes the entire argocd-server process when it receives an Azure DevOps Push event whose JSON array resource.refUpdates is empty. The slice index [0] is accessed without a length check, causing an index-out-of-range panic. A single unauthenticated HTTP POST is enough to kill the process. This issue is resolved in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-248",
              "description": "CWE-248: Uncaught Exception",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-703",
              "description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-01T21:09:08.870Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv"
        },
        {
          "name": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf"
        }
      ],
      "source": {
        "advisory": "GHSA-gpx4-37g2-c8pv",
        "discovery": "UNKNOWN"
      },
      "title": "Argo CD is Vulnerable to Unauthenticated Remote DoS via malformed Azure DevOps git.push webhook"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-59538",
    "datePublished": "2025-10-01T21:09:08.870Z",
    "dateReserved": "2025-09-17T17:04:20.373Z",
    "dateUpdated": "2025-10-02T15:54:11.490Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

Vulnerability from cleanstart

GHSA-93MQ-9FFX-83M2

Impact

Patches

Workarounds

References

762

GHSA-6V2P-P543-PHR9

GHSA-MH63-6H87-95CP

Summary

Details

Impact

GHSA-MW99-9CHC-XW7R

Impact

Patches

Workarounds

Credit

References

CVE-2025-55190 (GCVE-0-2025-55190)

CVE-2025-55191 (GCVE-0-2025-55191)

CVE-2025-59537 (GCVE-0-2025-59537)

CVE-2025-59538 (GCVE-0-2025-59538)

Tags

Sightings

Nomenclature