{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28229", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-25T15:28:40.651Z", "datePublished": "2026-03-11T15:37:47.338Z", "dateUpdated": "2026-03-11T17:33:15.219Z"}, "containers": {"cna": {"title": "Argo Workflows has unauthorized access to Argo Workflows Template", "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "lang": "en", "description": "CWE-863: Incorrect Authorization", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-56px-hm34-xqj5", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-56px-hm34-xqj5"}], "affected": [{"vendor": "argoproj", "product": "argo-workflows", "versions": [{"version": ">= 4.0.0, < 4.0.2", "status": "affected"}, {"version": "< 3.7.11", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-11T15:37:47.338Z"}, "descriptions": [{"lang": "en", "value": "Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to 4.0.2 and 3.7.11, Workflow templates endpoints allow any client to retrieve WorkflowTemplates (and ClusterWorkflowTemplates). Any request with a Authorization: Bearer nothing token can leak sensitive template content, including embedded Secret manifests. This vulnerability is fixed in 4.0.2 and 3.7.11."}], "source": {"advisory": "GHSA-56px-hm34-xqj5", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-11T17:32:34.148157Z", "id": "CVE-2026-28229", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T17:33:15.219Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-28229", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-11T17:32:34.148157Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T17:33:04.105Z"}}], "cna": {"title": "Argo Workflows has unauthorized access to Argo Workflows Template", "source": {"advisory": "GHSA-56px-hm34-xqj5", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "argoproj", "product": "argo-workflows", "versions": [{"status": "affected", "version": ">= 4.0.0, < 4.0.2"}, {"status": "affected", "version": "< 3.7.11"}]}], "references": [{"url": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-56px-hm34-xqj5", "name": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-56px-hm34-xqj5", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to 4.0.2 and 3.7.11, Workflow templates endpoints allow any client to retrieve WorkflowTemplates (and ClusterWorkflowTemplates). Any request with a Authorization: Bearer nothing token can leak sensitive template content, including embedded Secret manifests. This vulnerability is fixed in 4.0.2 and 3.7.11."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-11T15:37:47.338Z"}}}, "cveMetadata": {"cveId": "CVE-2026-28229", "state": "PUBLISHED", "dateUpdated": "2026-03-11T17:33:15.219Z", "dateReserved": "2026-02-25T15:28:40.651Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-11T15:37:47.338Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to 4.0.2 and 3.7.11, Workflow templates endpoints allow any client to retrieve WorkflowTemplates (and ClusterWorkflowTemplates). Any request with a Authorization: Bearer nothing token can leak sensitive template content, including embedded Secret manifests. This vulnerability is fixed in 4.0.2 and 3.7.11."}], "id": "CVE-2026-28229", "lastModified": "2026-03-12T21:08:22.643", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "[email protected]", "type": "Secondary"}]}, "published": "2026-03-11T16:16:40.477", "references": [{"source": "[email protected]", "url": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-56px-hm34-xqj5"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "argo-workflows: Argo Workflows has unauthorized access to Argo Workflows Template", "id": "2446549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446549"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-306", "details": ["A flaw was found in Argo Workflows in which an attacker can leak sensitive information contained in Workflow Templates and Cluster Workflow Templates. Because the functions that retrieve template information use server permissions, no authorization is required to read templates which might contain secrets such as passwords, API keys, or other sensitive data."], "name": "CVE-2026-28229", "package_state": [{"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-api-server-v2-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-api-server-v2-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-driver-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-driver-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-launcher-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-launcher-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}], "public_date": "2026-03-11T15:37:47Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-28229\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-28229\nhttps://github.com/argoproj/argo-workflows/security/advisories/GHSA-56px-hm34-xqj5"], "threat_severity": "Important"}