CVE-2022-41354

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-41354

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-41354.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-41354

Aliases

Related

GHSA-2q5c-qw9c-fmvq

Published

2023-03-27T14:15:07.557Z

Modified

2026-02-13T02:36:09.680928Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

An access control issue in Argo CD v2.4.12 and below allows unauthenticated attackers to enumerate existing applications.

References

Affected packages

Git / github.com/argoproj/argo-cd

Affected ranges

Type: GIT
Repo: https://github.com/argoproj/argo-cd
Events: Introduced

acc554f3d99010e0353b498a595844b30090556f

Fixed

5bcd846fa16e4b19d8f477de7da50ec0aef320e5

Introduced

b895da457791d56f01522796a8c3cd0f583d5d91

Fixed

84fbc930161f29ebe45a7da3b2e81ee256d119c2

Introduced

df0e2e4015c4cff4e16c8743df9d62f5ca1bdc24

Fixed

598f79236ae4160325b37342434baef4ff95d61c

Affected versions

v0.*

v0.5.0

v0.5.1

v0.5.2

v0.6.0

v0.6.1

v0.7.0

v0.7.1

v0.8.0

v2.*

v2.4.0

v2.4.0-rc1

v2.4.0-rc2

v2.4.0-rc3

v2.4.0-rc4

v2.4.0-rc5

v2.4.1

v2.4.10

v2.4.11

v2.4.12

v2.4.13

v2.4.14

v2.4.15

v2.4.16

v2.4.17

v2.4.18

v2.4.19

v2.4.2

v2.4.20

v2.4.21

v2.4.22

v2.4.23

v2.4.24

v2.4.25

v2.4.26

v2.4.27

v2.4.3

v2.4.4

v2.4.5

v2.4.6

v2.4.7

v2.4.8

v2.4.9

v2.5.0

v2.5.1

v2.5.10

v2.5.11

v2.5.12

v2.5.13

v2.5.14

v2.5.15

v2.5.2

v2.5.3

v2.5.4

v2.5.5

v2.5.6

v2.5.7

v2.5.8

v2.5.9

v2.6.0

v2.6.1

v2.6.2

v2.6.3

v2.6.4

v2.6.5

v2.6.6

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-41354.json"