GHSA-RG3G-4RW9-GQRP

Vulnerability from github – Published: 2026-05-19 15:54 – Updated: 2026-05-19 15:54
VLAI
Summary
Argo CD: Kubernetes Secret Extraction via ArgoCD ServerSideDiff via sensitive annotations
Details

Summary

The original fix for GHSA-3v3m-wc6v-x4x3 is incomplete. argocd app diff --server-side-diff can still expose Kubernetes Secret values embedded in the kubectl.kubernetes.io/last-applied-configuration annotation.

The prior fix masks top-level Secret data in ServerSideDiff responses, but it does not fully sanitize Secret data stored inside the last-applied-configuration annotation. If a Secret was previously created or updated using client-side apply, that annotation may contain raw data, stringData, and sensitive annotations. These values can be shown in UI/CLI diffs.

Details

The ServerSideDiff endpoint returns ResourceDiff.TargetState / LiveState based on server-side dry-run output. Kubernetes server-side dry-run can return a full predicted live Secret object that carries forward existing live annotations, including:

kubectl.kubernetes.io/last-applied-configuration For Secrets created with client-side apply, that annotation can contain a JSON-serialized Secret manifest with sensitive values.

The masking path calls HideSecretData(target, live, ...). However, HideSecretData only rewrites the last-applied annotation on the second argument (live). In server-side diff, the first argument can be predictedLive, not a clean Git target. predictedLive can also contain kubectl.kubernetes.io/last-applied-configuration, so the first object’s embedded annotation can remain unmasked.

PoC

Create an app containing this Secret manifest:

apiVersion: v1
kind: Namespace
metadata:
  name: last-applied-secret-repro
---
apiVersion: v1
kind: Secret
metadata:
  name: secret
  namespace: last-applied-secret-repro
  annotations:
    app: test
    token: SECRETVAL
type: Opaque
data:
  password: U0VDUkVUVkFM
  username: U0VDUkVUVkFM

Create and Sync Argo App

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: last-applied-secret-repro
  namespace: argocd
  annotations:
    argocd.argoproj.io/compare-options: ServerSideDiff=true,IncludeMutationWebhook=true
spec:
  project: default
  destination:
    server: https://kubernetes.default.svc
    namespace: last-applied-secret-repro
  source:
    repoURL: https://github.com/YOUR_ORG/YOUR_REPO.git
    targetRevision: HEAD
    path: last-applied-secret-repro
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true
      - ServerSideApply=true

Run argo cd app diff argocd app diff last-applied-secret-repro --server-side-diff --exit-code=false

❯ argocd app diff last-applied-secret-repro --server-side-diff --exit-code=false

===== /Secret last-applied-secret-repro/secret ======
10c10,11
<     kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","data":{"password":"++++++++","username":"++++++++"},"kind":"Secret","metadata":{"annotations":{"app":"test","argocd.argoproj.io/tracking-id":"last-applied-secret-repro:/Secret:last-applied-secret-repro/secret","token":"SECRETVAL"},"name":"secret","namespace":"last-applied-secret-repro"},"type":"Opaque"}'
---
>     kubectl.kubernetes.io/last-applied-configuration: |
>       {"apiVersion":"v1","data":{"password":"U0VDUkVUVkFM","username":"U0VDUkVUVkFM"},"kind":"Secret","metadata":{"annotations":{"app":"test","argocd.argoproj.io/tracking-id":"last-applied-secret-repro:/Secret:last-applied-secret-repro/secret","token":"SECRETVAL"},"name":"secret","namespace":"last-applied-secret-repro"},"type":"Opaque"}

The secret value can be seen inside the diff

Impact

Authenticated Argo CD users who can view application diffs may be able to read Secret values that should be masked.

Impacted values include: Secret data embedded in kubectl.kubernetes.io/last-applied-configuration

Severity
6.3 (Medium)
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Show details on source website
To clipboard 

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.2.11"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/argoproj/argo-cd/v3"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.2.0"
            },
            {
              "fixed": "3.2.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.3.9"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/argoproj/argo-cd/v3"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.3.0-rc1"
            },
            {
              "fixed": "3.3.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.4.1"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/argoproj/argo-cd/v3"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.4.0-rc1"
            },
            {
              "fixed": "3.4.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-45737"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-212"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-19T15:54:21Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Summary\nThe original fix for [GHSA-3v3m-wc6v-x4x3](https://github.com/argoproj/argo-cd/security/advisories/GHSA-3v3m-wc6v-x4x3) is incomplete. argocd app diff --server-side-diff can still expose Kubernetes Secret values embedded in the kubectl.kubernetes.io/last-applied-configuration annotation.\n\nThe prior fix masks top-level Secret data in ServerSideDiff responses, but it does not fully sanitize Secret data stored inside the last-applied-configuration annotation. If a Secret was previously created or updated using client-side apply, that annotation may contain raw data, stringData, and sensitive annotations. These values can be shown in UI/CLI diffs.\n\n### Details\nThe ServerSideDiff endpoint returns ResourceDiff.TargetState / LiveState based on server-side dry-run output. Kubernetes server-side dry-run can return a full predicted live Secret object that carries forward existing live annotations, including:\n\nkubectl.kubernetes.io/last-applied-configuration\nFor Secrets created with client-side apply, that annotation can contain a JSON-serialized Secret manifest with sensitive values.\n\nThe masking path calls HideSecretData(target, live, ...). However, HideSecretData only rewrites the last-applied annotation on the second argument (live). In server-side diff, the first argument can be predictedLive, not a clean Git target. predictedLive can also contain kubectl.kubernetes.io/last-applied-configuration, so the first object\u2019s embedded annotation can remain unmasked.\n\n### PoC\nCreate an app containing this Secret manifest:\n```yaml\napiVersion: v1\nkind: Namespace\nmetadata:\n  name: last-applied-secret-repro\n---\napiVersion: v1\nkind: Secret\nmetadata:\n  name: secret\n  namespace: last-applied-secret-repro\n  annotations:\n    app: test\n    token: SECRETVAL\ntype: Opaque\ndata:\n  password: U0VDUkVUVkFM\n  username: U0VDUkVUVkFM\n```\nCreate and Sync Argo App\n```yaml\napiVersion: argoproj.io/v1alpha1\nkind: Application\nmetadata:\n  name: last-applied-secret-repro\n  namespace: argocd\n  annotations:\n    argocd.argoproj.io/compare-options: ServerSideDiff=true,IncludeMutationWebhook=true\nspec:\n  project: default\n  destination:\n    server: https://kubernetes.default.svc\n    namespace: last-applied-secret-repro\n  source:\n    repoURL: https://github.com/YOUR_ORG/YOUR_REPO.git\n    targetRevision: HEAD\n    path: last-applied-secret-repro\n  syncPolicy:\n    automated:\n      prune: true\n      selfHeal: true\n    syncOptions:\n      - CreateNamespace=true\n      - ServerSideApply=true\n```\nRun argo cd app diff\n`argocd app diff last-applied-secret-repro --server-side-diff --exit-code=false`\n```\n\u276f argocd app diff last-applied-secret-repro --server-side-diff --exit-code=false\n\n===== /Secret last-applied-secret-repro/secret ======\n10c10,11\n\u003c     kubectl.kubernetes.io/last-applied-configuration: \u0027{\"apiVersion\":\"v1\",\"data\":{\"password\":\"++++++++\",\"username\":\"++++++++\"},\"kind\":\"Secret\",\"metadata\":{\"annotations\":{\"app\":\"test\",\"argocd.argoproj.io/tracking-id\":\"last-applied-secret-repro:/Secret:last-applied-secret-repro/secret\",\"token\":\"SECRETVAL\"},\"name\":\"secret\",\"namespace\":\"last-applied-secret-repro\"},\"type\":\"Opaque\"}\u0027\n---\n\u003e     kubectl.kubernetes.io/last-applied-configuration: |\n\u003e       {\"apiVersion\":\"v1\",\"data\":{\"password\":\"U0VDUkVUVkFM\",\"username\":\"U0VDUkVUVkFM\"},\"kind\":\"Secret\",\"metadata\":{\"annotations\":{\"app\":\"test\",\"argocd.argoproj.io/tracking-id\":\"last-applied-secret-repro:/Secret:last-applied-secret-repro/secret\",\"token\":\"SECRETVAL\"},\"name\":\"secret\",\"namespace\":\"last-applied-secret-repro\"},\"type\":\"Opaque\"}\n```\nThe secret value can be seen inside the diff\n\n### Impact\nAuthenticated Argo CD users who can view application diffs may be able to read Secret values that should be masked.\n\nImpacted values include:\nSecret data embedded in kubectl.kubernetes.io/last-applied-configuration",
  "id": "GHSA-rg3g-4rw9-gqrp",
  "modified": "2026-05-19T15:54:22Z",
  "published": "2026-05-19T15:54:21Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-rg3g-4rw9-gqrp"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/argoproj/argo-cd"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Argo CD: Kubernetes Secret Extraction via ArgoCD ServerSideDiff via sensitive annotations"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.