Argo CD prior to 2.1.9 and 2.2.x prior to 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linuxfoundation argo-cd |