cvedb.io
CVE-2022-24348
HIGH · CVSS 7.7
EPSS exploitation probability: 0%
Published 2022-02-04T21:15:08.103 · Last modified 2026-06-17T04:31:40.307

Summary

Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.

Affected products

argoproj — argo_cd

Does this affect you?

Add your gear to cvedb and we'll alert you only when argoproj ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.