Insecure Defaults Affecting github.com/argoproj/argo-cd/v2/util/settings Open this link in a new tab package, versions <1.8.0
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
27 Jul 2021
26 Jul 2021
How to fix?
github.com/argoproj/argo-cd/v2/util/settings to version 1.8.0 or higher.
github.com/argoproj/argo-cd/v2/util/settings is a Declarative continuous deployment for Kubernetes.
Affected versions of this package are vulnerable to Insecure Defaults. Argo CD uses the
argocd-server pod name as the default admin password. Kubernetes users able to list pods in the argo namespace are able to retrieve the default password.