Description

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was discovered in Argo CD that exposed secret values in error messages and the diff view when an invalid Kubernetes Secret resource was synced from a repository. The vulnerability assumes the user has write access to the repository and can exploit it, either intentionally or unintentionally, by committing an invalid Secret to repository and triggering a Sync. Once exploited, any user with read access to Argo CD can view the exposed secret data. The vulnerability is fixed in v2.13.4, v2.12.10, and v2.11.13.

INFO

Published Date :

2025-01-30T15:30:05.405Z

Last Modified :

2025-02-12T19:51:12.285Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-23216 vulnerability.

Vendors Products
Argoproj
  • Argo Cd
Redhat
  • Openshift Gitops
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-23216.

URL Resource
https://github.com/argoproj/argo-cd/commit/6f5537bdf15ddbaa0f27a1a678632ff0743e4107 cve-icon cve-icon cve-icon
https://github.com/argoproj/argo-cd/security/advisories/GHSA-47g2-qmh2-749v cve-icon cve-icon cve-icon
https://github.com/argoproj/gitops-engine/commit/7e21b91e9d0f64104c8a661f3f390c5e6d73ddca cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-23216 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-23216 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact