In Argo Workflows through 3.1.3, if EXPRESSION_TEMPLATES is enabled and untrusted users are allowed to specify input parameters when running workflows, an attacker may be able to disrupt a workflow because expression template output is evaluated.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-04T01:30:09.170Z
Reserved: 2021-08-02T00:00:00
Link: CVE-2021-37914

No data.

Status : Modified
Published: 2021-08-03T00:15:08.607
Modified: 2024-11-21T06:16:02.700
Link: CVE-2021-37914

No data.