Argo CD is a popular open source, continuous delivery (CD) platform for Kubernetes that is used by hundreds of organizations globally. Recently, a serious vulnerability in Argo CD was uncovered by Apiiro, which enables attackers to access sensitive information such as secrets, passwords, and API keys. The vulnerability has been tagged as CVE-2022-24348.

The vulnerability could allow malicious actors to load specifically configured Kubernetes Helm charts that would grant them access to sensitive information through Argo CD.

To read this article in full, please click here