0.001 Low
EPSS
Percentile
33.2%
github.com/argoproj/argo-cd is vulnerable to directory traversal. The vulnerability exists in helmTemplate function of repository.go which allows a malicious user to traverse the file system.
helmTemplate
repository.go
apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/
github.com/argoproj/argo-cd/commit/78c2084f0febd159039ff785ddc2bd4ba1cecf88
github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7