Description

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-controller pod logs. An attacker with permissions to read pod logs in a namespace running Argo Workflows can read the workflow-controller logs and obtain credentials to the artifact repository. Update to versions 3.6.12 or 3.7.3 to remediate the vulnerability. No known workarounds exist.

INFO

Published Date :

2025-10-14T15:06:39.829Z

Last Modified :

2025-10-14T16:06:02.367Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-62157 vulnerability.

Vendors Products
Argoproj
  • Argo-workflows
  • Argo Workflows
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-62157.

URL Resource
https://github.com/argoproj/argo-workflows/commit/18ad5138b6bcb2aba04e00b4ec657bc6b8fad8df cve-icon cve-icon cve-icon
https://github.com/argoproj/argo-workflows/commit/bded09fe4abd37cb98d7fc81b4c14a6f5034e9ab cve-icon cve-icon cve-icon
https://github.com/argoproj/argo-workflows/security/advisories/GHSA-c2hv-4pfj-mm2r cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-62157 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-62157 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact