CyberHappenings logo
☰

Track cybersecurity events as they unfold. Sourced timelines, daily updates. Fast, privacy‑respecting. No ads, no tracking.

Argo CD API vulnerability leaks repository credentials

First reported
Last updated
πŸ“° 1 unique sources, 1 articles

Summary

Hide β–²

A critical vulnerability in Argo CD (CVE-2025-55190) allows API tokens with project-level get permissions to access and retrieve all repository credentials associated with the project. This flaw affects all versions of Argo CD up to 2.13.0 and can lead to unauthorized access to private codebases, malicious code injection, and potential downstream compromises. The vulnerability is rated with the maximum severity score of 10.0 in CVSS v3. It impacts numerous organizations, including large enterprises that use Argo CD for mission-critical deployments.

Timeline

  1. 05.09.2025 18:30 πŸ“° 1 articles Β· ⏱ 11d ago

    Argo CD API vulnerability leaks repository credentials

    A critical vulnerability in Argo CD (CVE-2025-55190) allows API tokens with project-level get permissions to access and retrieve all repository credentials associated with the project. This flaw affects all versions of Argo CD up to 2.13.0 and can lead to unauthorized access to private codebases, malicious code injection, and potential downstream compromises. The vulnerability is rated with the maximum severity score of 10.0 in CVSS v3. It impacts numerous organizations, including large enterprises that use Argo CD for mission-critical deployments.

    Show sources

Information Snippets