{"id":"GO-2022-0405","summary":"Potential privilege escalation on Kubernetes \u003e= v1.19 when the Argo Sever is run with `--auth-mode=client` in github.com/argoproj/argo-workflows","details":"Potential privilege escalation on Kubernetes \u003e= v1.19 when the Argo Sever is run with `--auth-mode=client` in github.com/argoproj/argo-workflows","aliases":["GHSA-prqf-xr2j-xf65"],"modified":"2026-03-17T04:17:47.351729Z","published":"2024-08-21T14:30:31Z","database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0405","review_status":"UNREVIEWED"},"references":[{"type":"ADVISORY","url":"https://github.com/argoproj/argo-workflows/security/advisories/GHSA-prqf-xr2j-xf65"}],"affected":[{"package":{"name":"github.com/argoproj/argo-workflows","ecosystem":"Go","purl":"pkg:golang/github.com/argoproj/argo-workflows"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2022-0405.json"}},{"package":{"name":"github.com/argoproj/argo-workflows/v2","ecosystem":"Go","purl":"pkg:golang/github.com/argoproj/argo-workflows/v2"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2022-0405.json"}},{"package":{"name":"github.com/argoproj/argo-workflows/v3","ecosystem":"Go","purl":"pkg:golang/github.com/argoproj/argo-workflows/v3"},"ranges":[{"type":"SEMVER","events":[{"introduced":"3.0.0"},{"fixed":"3.0.9"},{"introduced":"3.1.0"},{"fixed":"3.1.6"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2022-0405.json"}}],"schema_version":"1.7.5"}