QwikSec

Security Database

CVE

CWE

Training

CVE-2025-62157

Published: Oct 14, 2025

Modified: Oct 14, 2025

PUBLISHED

Description

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 expose artifact repository credentials in plaintext in workflow-controller pod logs. An attacker with permissions to read pod logs in a namespace running Argo Workflows can read the workflow-controller logs and obtain credentials to the artifact repository. Update to versions 3.6.12 or 3.7.3 to remediate the vulnerability. No known workarounds exist.

Vendor	Product	Versions
argoproj	argo-workflows	affected `>= 3.7.0, < 3.7.3` affected `< 3.6.12`

Weaknesses (CWE)

References

https://github.com/argoproj/argo-workflows/security/advisories/GHSA-c2hv-4pfj-mm2r

x_refsource_CONFIRM

https://github.com/argoproj/argo-workflows/commit/18ad5138b6bcb2aba04e00b4ec657bc6b8fad8df

x_refsource_MISC

https://github.com/argoproj/argo-workflows/commit/bded09fe4abd37cb98d7fc81b4c14a6f5034e9ab

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.