Argo CD is a popular open source, continuous delivery (CD) platform for Kubernetes that is used by hundreds of organizations globally. Recently, a serious vulnerability in Argo CD was uncovered by Apiiro, which enables attackers to access sensitive information such as secrets, passwords, and API keys. The vulnerability has been tagged as CVE-2022-24348.
The vulnerability could allow malicious actors to load specifically configured Kubernetes Helm charts that would grant them access to sensitive information through Argo CD.
InfoWorld Cloud ComputingRead More