This is pro-active fix. No know exploits exist.
Impacted:
--auth-mode=client
--auth-mode=server
The client's authentication will be ignored and the server's authentication will be used. This will result in privilege escalation to that of the the server's account.
https://github.com/argoproj/argo-workflows/pull/6506
None.
{ "nvd_published_at": null, "cwe_ids": [ "CWE-285" ], "severity": "LOW", "github_reviewed": true, "github_reviewed_at": "2021-08-23T17:05:11Z" }