VDB
GO-2025-3934
GO-2025-3934
PUBLISHED
Argo CD's Project API Token Exposes Repository Credentials in github.com/argoproj/argo-cd
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | argoproj/argo-cd/v2 | 2.14.0, 2.13.0, 2.14.0 |
| github.com | argoproj/argo-cd/v3 | 3.1.0-rc1, 0, 3.1.0-rc1 |
| github.com | argoproj/argo-cd | 0, 0 |
Timeline
- Sep 8, 2025 CVE Published
- Feb 4, 2026 CVE Updated
- May 1, 2026 Security Advisory