GHSA-7VF8-2CR6-54MF

Vulnerability from github – Published: 2026-05-04 20:12 – Updated: 2026-05-13 13:39
Summary
Argo vulnerable to exposure of artifact repository credentials
Details

Summary

The workflow executor logs all artifact repository credentials (S3 access keys, secret keys, GCS service account keys, Azure account keys, Git passwords, etc.) in plaintext during artifact operations. Any user with read access to workflow pod logs can extract these credentials.

Note: this issue is the result of an incomplete fix of CVE-2025-62157 (GHSA-c2hv-4pfj-mm2r).

Details

The logging driver passes the entire ArtifactDriver struct to the structured logger, for example: https://github.com/argoproj/argo-workflows/blob/59f1089b9875723ddffd524513e6bd5cb37e5e31/workflow/artifacts/logging/driver.go#L24

Exposed credential fields:
- S3 (workflow/artifacts/s3/s3.go): AccessKey, SecretKey, SessionToken, ServerSideCustomerKey
- OSS (workflow/artifacts/oss/oss.go): AccessKey, SecretKey, SecurityToken
- GCS (workflow/artifacts/gcs/gcs.go): ServiceAccountKey

PoC

  1. Create template
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
  name: cred-leak-test
  namespace: argo
spec:
  entrypoint: main
  templates:
  - name: main
    container:
      image: alpine:3.13
      command: [sh, -c]
      args: ["echo 'hello' > /tmp/output.txt"]
    outputs:
      artifacts:
      - name: output
        path: /tmp/output.txt
        s3:
          endpoint: minio:9000
          insecure: true
          bucket: my-bucket
          key: test-output.txt
          accessKeySecret:
            name: my-minio-cred
            key: accesskey
          secretKeySecret:
            name: my-minio-cred
            key: secretkey
  2. Then check the logs: kubectl -n argo logs "cred-leak-test" -c wait

Impact

Any user with Kubernetes RBAC permissions to read pod logs in the workflow namespace can extract artifact repository credentials.


{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/argoproj/argo-workflows/v4"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.0.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-42295"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-522"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-04T20:12:01Z",
    "nvd_published_at": "2026-05-09T04:16:25Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nThe workflow executor logs all artifact repository credentials (S3 access keys, secret keys, GCS service account keys, Azure account keys, Git passwords, etc.) in plaintext on artifact operation. Any user with read access to workflow pod logs can extract these credentials.\n\n**Note:** This is an incomplete fix of [CVE-2025-62157](https://github.com/argoproj/argo-workflows/security/advisories/GHSA-c2hv-4pfj-mm2r)\n### Details\nThe logging driver passes the entire ArtifactDriver struct to the structured logger, for example:\nhttps://github.com/argoproj/argo-workflows/blob/59f1089b9875723ddffd524513e6bd5cb37e5e31/workflow/artifacts/logging/driver.go#L24\n\nExposed credential fields:\n- S3 (workflow/artifacts/s3/s3.go): AccessKey, SecretKey, SessionToken, ServerSideCustomerKey\n- OSS (workflow/artifacts/oss/oss.go): AccessKey, SecretKey, SecurityToken\n- GCS (workflow/artifacts/gcs/gcs.go): ServiceAccountKey\n\n### PoC\n1. Create template\n```yml\napiVersion: argoproj.io/v1alpha1\nkind: Workflow\nmetadata:\n  name: cred-leak-test\n  namespace: argo\nspec:\n  entrypoint: main\n  templates:\n  - name: main\n    container:\n      image: alpine:3.13\n      command: [sh, -c]\n      args: [\"echo \u0027hello\u0027 \u003e /tmp/output.txt\"]\n    outputs:\n      artifacts:\n      - name: output\n        path: /tmp/output.txt\n        s3:\n          endpoint: minio:9000\n          insecure: true\n          bucket: my-bucket\n          key: test-output.txt\n          accessKeySecret:\n            name: my-minio-cred\n            key: accesskey\n          secretKeySecret:\n            name: my-minio-cred\n            key: secretkey\n```\n\n2. Then check the logs\n`kubectl -n argo logs \"cred-leak-test\" -c wait`\n\u003cimg width=\"1248\" height=\"322\" alt=\"image\" src=\"https://github.com/user-attachments/assets/a5cf6d66-7d67-408d-8583-27d11ecf1507\" /\u003e\n\n\n### Impact\nAny user with Kubernetes RBAC permissions to read pod logs in the workflow namespace can extract artifact repository credentials.",
  "id": "GHSA-7vf8-2cr6-54mf",
  "modified": "2026-05-13T13:39:27Z",
  "published": "2026-05-04T20:12:01Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-7vf8-2cr6-54mf"
    },
    {
      "type": "WEB",
      "url": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-c2hv-4pfj-mm2r"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42295"
    },
    {
      "type": "WEB",
      "url": "https://github.com/argoproj/argo-workflows/commit/bdd40908580f727c590c8743836e338b04fe4a87"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/argoproj/argo-workflows"
    },
    {
      "type": "WEB",
      "url": "https://github.com/argoproj/argo-workflows/blob/59f1089b9875723ddffd524513e6bd5cb37e5e31/workflow/artifacts/logging/driver.go#L24"
    },
    {
      "type": "WEB",
      "url": "https://github.com/argoproj/argo-workflows/releases/tag/v4.0.5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Argo vulnerable to exposure of artifact repository credentials"
}
